Examples of 'dpkg --get-selection > packagesinstalled.txt' for firewall

Sam Couter sam at couter.dropbear.id.au
Mon Nov 25 18:35:54 EST 2002


Robert Thorsby <robert at thorsby.com.au> wrote:
> As something to kick off the justification process: Why cron -- it's 
> totally unnecessary, and easily replaceable.

Cron comes from logging (as a way to start the log rotation process each
night).

You can do without cron if you can do without logging, which maybe you
can. Personally, I break shit often enough that I require the
convenience of running syslog-style logging.

I've designed my firewall as an application of a general-purpose
operating system, not an embedded system.

In my case, I have minimized the security risk presented by a logging
daemon by ensuring that it doesn't listen on a network port (which is
blocked anyway).

Next?

[ In case you hadn't worked it out already, I have already justified
each and every package I have installed on the machine within my
security context and functional requirements. ]
-- 
Sam "Eddie" Couter  |  mailto:sam at couter.dropbear.id.au
Debian Developer    |  mailto:eddie at debian.org
                    |  jabber:sam at jabber.topic.com.au
OpenPGP fingerprint:  A46B 9BB5 3148 7BEA 1F05  5BD5 8530 03AE DE89 C75C
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.samba.org/archive/linux/attachments/20021125/280d4234/attachment.bin


More information about the linux mailing list