FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > ArchLinux > ArchLinux General Discussion

 
 
LinkBack Thread Tools
 
Old 06-12-2010, 09:06 AM
Marek Kozlowski
 
Default ALSTF (Arch Linux Security Task Force)?

:-)

I've found such a topic when browsing the Wiki:

http://wiki.archlinux.org/index.php/Security_Task_Force

Well, sound like a very smart idea. IMHO it's a thing that makes a
distro more 'prestigious' -- it's quite difficult to convince someone to
using a distro for something more than just a testing workstation if
it's security is, let's say... 'unknown'. Unfortunately there *are* some
regressions in the upstream that make the latest stable releases
vulnerable. In fact it's the main reason that prevents my faculty from
switching from Gentoo and log-time compilations to simple and KISS-ing
Arch. Any work toward ALSTF in the recent past?

Best regards,
Marek
 
Old 06-12-2010, 09:20 AM
Allan McRae
 
Default ALSTF (Arch Linux Security Task Force)?

On 12/06/10 19:06, Marek Kozlowski wrote:

:-)

I've found such a topic when browsing the Wiki:

http://wiki.archlinux.org/index.php/Security_Task_Force

Well, sound like a very smart idea. IMHO it's a thing that makes a
distro more 'prestigious' -- it's quite difficult to convince someone to
using a distro for something more than just a testing workstation if
it's security is, let's say... 'unknown'. Unfortunately there *are* some
regressions in the upstream that make the latest stable releases
vulnerable. In fact it's the main reason that prevents my faculty from
switching from Gentoo and log-time compilations to simple and KISS-ing
Arch. Any work toward ALSTF in the recent past?


Nope... there has been a lot of talk but nothing ever comes of it
(apart from a wiki page it seems!).


Allan
 
Old 06-12-2010, 01:42 PM
Mauro Santos
 
Default ALSTF (Arch Linux Security Task Force)?

On 06/12/2010 10:06 AM, Marek Kozlowski wrote:
> :-)
>
> I've found such a topic when browsing the Wiki:
>
> http://wiki.archlinux.org/index.php/Security_Task_Force
>
> Well, sound like a very smart idea. IMHO it's a thing that makes a
> distro more 'prestigious' -- it's quite difficult to convince someone to
> using a distro for something more than just a testing workstation if
> it's security is, let's say... 'unknown'. Unfortunately there *are* some
> regressions in the upstream that make the latest stable releases
> vulnerable. In fact it's the main reason that prevents my faculty from
> switching from Gentoo and log-time compilations to simple and KISS-ing
> Arch. Any work toward ALSTF in the recent past?

After reading the wiki page it seems that at least the part of keeping
with the latest _stable_ upstream release is already followed (within
reasonable limits not to break stuff for everyone), if not then lots of
families will cry, scream and ask why package foo hasn't been updated to
the latest upstream release :P

On the other hand, the security business seems to be a full time job,
Arch's devs already donate a considerable time to maintain Arch and keep
things running smoothly, I am very grateful for that and in my opinion
they do a great job and it is selfish to ask them to do even more.

The other side of things, and I've seen it popping up here and in the
forums, is the use of selinux and similar security measures. People that
have opted to use Arch because of it's philosophy are most probably
people that really want to have a grasp of how things work and want to
know how to solve problems, therefore typically they don't bite more
than they can chew and start simple.

>From my very limited experience, selinux is not easy to manage unless
you really know what you are doing and most users do not ask for it so
devs and TU's don't spend time maintainning something that no one uses.

My guess is that if you really need these features and peace of mind you
have two options, either start the effort to maintain it within Arch, if
you have the time and feel up to it, or use another distro in your
critical machines that provides these features for you. I guess that up
until now no one felt capable of tackling this task or the itch wasn't
that bad :P

--
Mauro Santos
 

Thread Tools




All times are GMT. The time now is 02:00 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org