Standardizing on Security
Hal Flynn, 2004-01-14

The Linux standards group publishes 565 pages of data describing a standards-compliant Linux package. So why aren't any of them about security?

Standardizing on Security 2004-01-15
Anonymous
-1 Troll.

I liked the old Unix columnist much better because he knew what he was talking about!

What would you add to LSB to make it more secure? Most of LSB is describing directory structures and locations of scripts and programs. It's meant so I can go from one LSB compliant Linux to anothe...

Would a standard enhance, or retard security? 2004-01-15
Anonymous
I'm not sure if a standard is a good idea yet. As it is now, you have a choice of different approaches to security in different distributions, and the creators of those distributions are free to experiment with different security technology. I worry that a standard would essentially lock us at one...

Standardizing on Security 2004-01-16
Anonymous
It's a good question to ask, precisely because there is no easy answer.

Security, remember, is an emergent property of system architecture, so first of all we need to recognize that thinking in terms of isolated security standards is somewhat limiting. Another consideration is that in order to be...

Bring in the zealots. 2004-01-16
Anonymous (1 replies)
I'm going to go out on a limb and predict countless posts from Linux zealots bashing Hal mercilessly....

Bring in the zealots. 2004-01-19
Anonymous
I don't think one counts as countless. ;)
...

Fedora Core release 2 2004-01-16
Jared Robinson
Just thought I'd mention that Fedora Core release 2 is set to include SELinux, which was contributed by the NSA. It's good to see new technologies like this making it into a normal distribution.

I don't think LSB should rush to standardize on SELinux yet. We need to see if it works for Fedora. If...

Standardizing on Security 2004-01-16
Anonymous
Since "security is a process, not a destination", and The Bad Guys are always coming up with new tricks, is it possible/desirable to create Security Standards?

Best Practices, which are more flexible and able to deal with new threats, seems to me to be a better path....

Standardizing on Security 2004-01-17
Anonymous (1 replies)
You are right about "linux zealots" bashing Hal mercilessly, as I am about to do. Linux, as an operating system, is not some monolithic piece of corporate code that one can easily "standardize" because nobody owns the code. It is the nature of linux to allow users to customize the kernel and appli...

Standardizing on Security 2004-01-19
Anonymous
No, no, no.

Standards govern the shapes and sizes of the pieces. Like Lego blocks, having standardized pieces means that you can fit them together. What you build out of those pieces is up to you....

Hal would be right... 2004-01-19
Anonymous
If security was a product. But it isn't, and this article doesn't pass the laugh test.

I'm not actually sure if Hal's argument makes any more sense than saying "If security standards were built into C/C++, there would be fewer exploits." There could be programming practices that will result in b...

Standard Argument 2004-01-19
Anonymous
If this Flynn fellow is so keen on standards, may I suggest he use something known as a "Standard Argument?"

Using the Standard Form would require him to actually back up his argument with evidence, and could be a saving grace to a rapidly deteriorating UNIX column.

Cheerio, lads!...

Standardizing on Security 2004-01-21
blacklight
Security is both a process and a product, where the product is unfinished because the process is still evolving with many branches pointing to as many tentative solutions. The desire for clearly spelled out answers is understandable, but are clearly spelled out answers that are not right desirable? ...

Standardizing on Security 2004-01-21
Anonymous
There only need be standardization in the implementation of security. As to the method of the security, let chaos reign. From the chaos that is this planet come things diverse as from a volcano's devastation to a flower's sweet aroma. With standardization comes thousands of the same. Where thre...








 

Copyright 2009, SecurityFocus