Firewall Wizards mailing list archives
Re: Hardening, (was Re: chroot useful?)
From: Darren Reed <darrenr () cyber com au>
Date: Mon, 24 Nov 1997 13:21:51 +1100 (EST)
In some mail I received from Marcus J. Ranum, sie wrote
Darren Reed wrote:Sigh. Why does everyone pick on man pages ?Because man pages don't fight back!! :) Seriously, though, my view is that if you're stud enough to be messing around on my box, you shouldn't need the man pages. If you do, you're not stud enough, ipso facto.
Okay, I can see your line of reasoning, but it's not always the case that you're doing some work on such a box which you have all the regular commands down pat. Or maybe I've built a box for someone else who isn't quite so expert. If they're lucky, they'll have another box running the same Unix for some time. If I give someone else a firewall, they should be able to rely on my skills to have built it correctly but they shouldn't need me to perform regular maintenaince (whatever that may be). Further to the "3rd party requirements" theory, is it possible to build a stripped-down firewall and then list each command still on the system and describe why it is there ? Do you even need ls on a firewall if administrative tasks are fully laid out and don't prescribe its need ? If you're building your own, sure, you should be able to do without.
Current thread:
- Re: Hardening, (was Re: chroot useful?), (continued)
- Re: Hardening, (was Re: chroot useful?) Marcus J. Ranum (Nov 23)
- Re: Hardening, (was Re: chroot useful?) Craig Brozefsky (Nov 23)
- Re: Hardening, (was Re: chroot useful?) Petri Virkkula (Nov 23)
- Re: Hardening, (was Re: chroot useful?) Craig Brozefsky (Nov 24)
- Test Systems - was Re: Hardening John Lines (Nov 24)
- Time for a new FWTK? chuck yerkes (Nov 24)
- Re: Time for a new FWTK? Marcus J. Ranum (Nov 24)
- Re: Time for a new FWTK? -= ArkanoiD =- (Nov 25)
- Re: Time for a new FWTK? Ge' Weijers (Nov 25)
- Re: Time for a new FWTK? Ted Doty (Nov 25)
- Re: Hardening, (was Re: chroot useful?) Darren Reed (Nov 24)