[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Bastille on F10?



On Mon, 15 Dec 2008 09:19:57 -0500
Todd Denniston <Todd Denniston ssa crane navy mil> wrote:

> Certain paranoid (they are out to get us :) organizations have rules
> that indicate that: if certain capabilities of a computer system are
> not needed to accomplish the job assigned for that computer, then 
> remove|block|disable|destroy that capability.

Sure. What sort of things does Bastille do that for these days?

> i.e., if the job does not need USB capability, remove USB capability
> from the OS or put hotglue in the ports.
>
> Bastille has been getting upgrades lately to check and set things in
> the Linux based OSs to the standards of some of those organizations,
> leaving the hardware available for use if the machine gets repurposed.

How does it do so? blacklisting modules? Removing them? 
And how does it know which things you don't need/intend to use?
Asking the user?

kevin

Attachment: signature.asc
Description: PGP signature


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]