Leon wrote:
Hi all,
Following the 'yum updates' thread, I have a concern about the
security of FC under this condition:
My opinion.
[1] Yum update every month.
More frequently would be better.
[2] SELinux set to enforced
It is safer for correct install to set SELinux to permissive during
updates. There could be issues with %post and %pre scriptlets when
running rpm, yum or other dep solver/installers.
[3] Only ssh is open.
I turn off ssh completely. (No need for remote login)
Disabling root logins is best if it is active.
Thank you!
Jim
--
District of Columbia pedestrians who leap over passing autos to escape
injury, and then strike the car as they come down, are liable for any
damage inflicted on the vehicle.