Re: Reasons for Inclusion

• Previous message: Russell Coker: "Re: Reasons for Inclusion"
• In reply to: jmjonesat_private: "Re: Reasons for Inclusion"
• Next in thread: jmjonesat_private: "Re: Reasons for Inclusion"
• Reply: jmjonesat_private: "Re: Reasons for Inclusion"
• Reply: Crispin Cowan: "Re: Reasons for Inclusion"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, 22 Mar 2002 16:50:54 EST, jmjonesat_private said:

> GREAT!  Interchangable modules WILL allow more administrators to apply
> secure solutions without recompiling the kernel... depending on how easy
> it is to aquire modules. :)  Couldn't a "standard patch" equally serve
> this need?  "5 steps to greater security."  Would the difficulty in
> patching the kernel outweigh the difficulty of configuring the
> module/solution?

The writing I've done for the Center for Internet Security has shown me that
there is little, if any, consensus on which 5 steps to use.   No one security
policy is one-size-fits-all.

Personally, I'm amazed the *HOOKS* are as close to one-size-fits-all as they
are (sorry, you audit freaks, maybe in phase 2 ;)
-- 
				Valdis Kletnieks
				Computer Systems Senior Engineer
				Virginia Tech

• application/pgp-signature attachment: stored

• Next message: jmjonesat_private: "Re: Reasons for Inclusion"
• Previous message: Russell Coker: "Re: Reasons for Inclusion"
• In reply to: jmjonesat_private: "Re: Reasons for Inclusion"
• Next in thread: jmjonesat_private: "Re: Reasons for Inclusion"
• Reply: jmjonesat_private: "Re: Reasons for Inclusion"
• Reply: Crispin Cowan: "Re: Reasons for Inclusion"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Mar 22 2002 - 14:30:57 PST