[linux-security] Re: RedHat 5.X Security Book

[Grant Taylor <gtaylor picante com>]

>>>>> <seifried seifried org> writes:

> I was looking around for a book specifically on Linux security a week or
> two ago, and couldn't find any. I wanted something Linux specific as
> opposed to say O'Reilly's yellow safe book. 

There are actually Linux-specific details in Practical; I put some of
them there.  They are not, however, distribution-specific.

> So I started writing one, it is pretty RedHat specific (as the
> subject of this email would imply). I would like to get some
> feedback before I continue, a.k.a. is it worthwhile/useful?

Well, I'd say that about 80% of what you'll end up with, if you
continue, will be a duplication of information found in Practical.

There's very little to Unix security that is specific to Linux.  It's
also not at all clear that a Linux-specific security book would be
beneficial; without a good understanding of what's going on any
security implementation will fail, and the knowledge for such an
understanding is the same be it Linux, FreeBSD, Dec Unix, Solaris,
etc.

OTOH, your section on RPM is most certainly useful, although it's a
bit sketchy right now.  And it'll be interesting to try and keep your
table up-to-date as holes are found and new packages are released.
Perhaps you should coordinate the data with one of the various RPM
listing web sites or one of the rpm manager tools.

--
Grant Taylor - gtaylor picante com - http://www.picante.com/~gtaylor/
  Where do these people come from?       Finger for PGP public key.