Examples of 'dpkg --get-selection > packagesinstalled.txt' for firewall
Sam Couter
sam at couter.dropbear.id.au
Mon Nov 25 18:35:54 EST 2002
Robert Thorsby <robert at thorsby.com.au> wrote:
> As something to kick off the justification process: Why cron -- it's
> totally unnecessary, and easily replaceable.
Cron comes from logging (as a way to start the log rotation process each
night).
You can do without cron if you can do without logging, which maybe you
can. Personally, I break shit often enough that I require the
convenience of running syslog-style logging.
I've designed my firewall as an application of a general-purpose
operating system, not an embedded system.
In my case, I have minimized the security risk presented by a logging
daemon by ensuring that it doesn't listen on a network port (which is
blocked anyway).
Next?
[ In case you hadn't worked it out already, I have already justified
each and every package I have installed on the machine within my
security context and functional requirements. ]
--
Sam "Eddie" Couter | mailto:sam at couter.dropbear.id.au
Debian Developer | mailto:eddie at debian.org
| jabber:sam at jabber.topic.com.au
OpenPGP fingerprint: A46B 9BB5 3148 7BEA 1F05 5BD5 8530 03AE DE89 C75C
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.samba.org/archive/linux/attachments/20021125/280d4234/attachment.bin
More information about the linux
mailing list