A role model for security. Almost.

A role model for security. Almost.
Jason Miller, 2005-06-08

Mark Burnett beat me to it. I was planning to write an article on the relationship between good security and paranoia in the not too distant future. However, it appears that at least one other SecurityFocus columnist shares some of my theories on good security. Either that, or he's somehow capable of reading my mind. Paranoia is generally a good thing to have. Regardless, Mark's article got me wondering about what other traits are valuable in the quest for good security.

Expand all | Post comment

A Role Model for Security. Almost. 2005-06-09
Anonymous (1 replies)

Re: A Role Model for Security. Almost. 2005-06-29
Matthew Murphy

A Role Model for Security. Almost. 2005-06-11
xeon (1 replies)

Re: A Role Model for Security. Almost. 2005-06-29
Matthew Murphy (1 replies)

Re: Re: A Role Model for Security. Almost. 2006-05-08
Anonymous

A Role Model for Security. Almost. 2005-06-11
Anonymous (1 replies)

Re: A Role Model for Security. Almost. 2005-06-29
Matthew Murphy

A Role Model for Security. Almost. 2005-06-15
Russell Nelson (1 replies)

The problem is not with the code, but with the documentation. The only way that the Guninski "exploit" even begins to qualify is because the default installation instructions don't explicitly tell you to limit the resources available to qmail-smtpd, and yet "everybody knows" that you shouldn't give Internet services unlimited resources. Now ... if djb would only modify INSTALL, then he'd be all set.

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/columns/331/31990#31990

Re: A Role Model for Security. Almost. 2005-06-29
Matthew Murphy