review of hardening guide

Stuart Ellis s.ellis at fastmail.co.uk
Thu Mar 31 09:42:41 UTC 2005


On Wed, 30 Mar 2005 22:17:12 -0800 (PST), "Rahul Sundaram"
<rahulsundaram at yahoo.co.in> said:
>
> http://members.cox.net/tuxxer/ch-chapter2.html
> 
> Since this is out of scope for your document by your
> own admission it would be better to just drop this.
> Kernel recompilation or additional hardening is
> unnecessary for the large majority of users and worse
> gives the idea that the kernel requires active manual
> intervention to make it secure.

I think that the main issue is that the specified audience ("all users")
doesn't match up with the intent (a comprehensive security overview).  I
don't see there's anything wrong with saying that it's a detailed guide
for more advanced users, and leaving the basic security stuff for
another doc - 1) don't mess with the defaults without a reason, 2) run
updates, 3) there is no step 3 :)



--

Stuart Ellis




More information about the fedora-docs-list mailing list