[Gllug] Code Tux, sober Saturday morning response
Bruce Richardson
brichardson at lineone.net
Sat Jul 21 12:27:34 UTC 2001
On Fri, Jul 20, 2001 at 06:23:14PM +0100, Rich Walker wrote:
> In message <20010720.16245100 at usb.cafod>
> Bruce Richardson <brichardson at lineone.net> wrote:
> [snip]
> > That isn't locking down the system down beyond usability, that's a
> > simple, sensible configuration. If the Debian maintainers can't be
> > bothered with that kind of simple precaution they have no business
> > being so damned elitist (says Bruce the Debian bigot).
> >
> > After 4 years of using Linux I now have a checklist of things that
> > should be secured.
>
> Right. Of course, you've published it. And, I see, you've put the
> URL of it in this post. And you've sent a reference copy to the relevant
> security teams of the relevant distros. [There probably should be a
> smiley in this paragraph, but there's too much "I know how to solve
> this problem and haven't" on the net this month].
If I had never contributed to a single open source project or if I were
Linus Torvalds in disguise, it wouldn't make the slightest difference to
my argument. My experience and putative contribution don't actually
affect the truth of whether enabling portmapper by default is a smart
thing to do or an easy thing to avoid. But since you make the
accusation:
I spent a long time on the Red Hat list thrashing out configuration
improvements with fellow contributors.
http://website.lineone.net/~brichardson/linux/X/ , for example, was both
an effort to explain Red Hat's X set-up for newbies and a submission on
how to improve RH's messy xinit scripts (which got a lot of support on
the lists but precisely no response from RH).
I wrote a HOWTO on installing Linux on old, low-spec laptops -
http://website.lineone.net/~brichardson/linux/4mb_laptops/ - which is
now part of the LDP collection and has had the unexpected side-effect
that I now find myself answering questions from all over about
installing distribution X on laptop X.
I actually am in the middle of writing an article on cfengine and how it
can be used to administer and secure a site.
What else do you want, a list of projects I've submitted code to? Does
any of this contribute to the debate about security? No, it just
answers your childish and irrelevant personal attack.
The issue is distributions and security. If you actually have an
argument, make it. If you have more childish points to score, take it
off list where I shall feel more free to respond in a fitting manner.
--
Bruce
Bitterly it mathinketh me, that I spent mine wholle lyf in the lists
against the ignorant. -- Roger Bacon, "Doctor Mirabilis"
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 261 bytes
Desc: not available
URL: <http://mailman.lug.org.uk/pipermail/gllug/attachments/20010721/ee9783ef/attachment.pgp>
More information about the GLLUG
mailing list