Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
Subject: Re: RFD: security-newbie mailing list
From: Kurt Seifried (listuserseifried.org)
Date: Fri Aug 11 2000 - 23:11:38 CDT

> "Is this <config> secure?" is, perhaps, off-topic. But the
> differences between "<config>" and "<program>" are, in a lot of
> cases, often barely beyond trivial, especially when it provides
> interesting target-practice, or at least a potentially instructive
> "straw man".
> A novel side-charter for this list might include an aim to
> formalise various "obvious" topics that have been collectively
> deemed beneath us. How might we semi-mathematically explain
> the strengths and weaknesses of:

This is one aim of the Linux Security Knowledge Base.
> * Linux "capabililies" (really privileges, but we knew that)
> * chroot

and many other articles that cover chrooting specific daemons (bind, etc.)

> * root vs non-root
this deserves an article.

> * "careful" (eg. nosuid,noexec) fs mounting