Your Distro is Insecure: Ubuntu
albertosierra at aesetres.com
Tue Apr 14 18:35:51 UTC 2009
i believe there should be at least a document about securing an Ubuntu
server after the default install. I "grew up" using slackware as a server
and i don't really care if a server is "hard" to set up as long as the core
OS is secure, and i had no idea that the home directories in Ubuntu were
world-readable, my fault i know, but i assumed it was default in all linux
installs. I understand the concept of "linux for humans" but humans should
also secure their servers.
On the other hand, the applications is completely other subject, i mean,
they are supposed to be configured, and not left with default settings,
specially public services as mail/database, etc.
Bottom line is, the article may not be good, but it is a great tool as
feedback for the server team, and constructive critisism is needed to
Keep up the good work.
On Tue, Apr 14, 2009 at 9:30 AM, <n2vip at verizon.net> wrote:
> The second page is reachable now.
> Opinions vary, but the author has some points, IMHO.
> I'm not fond of his condecending attitude (maybe I'm just overly
> defensive), but I think this article could have been improved it were more
> of a cookbook on how to secure an Ubuntu Server install, not focused on
> listing choices the author doesn't like.
> What do I mean by this, his first example reguarding world-readable users
> directories - the author got very close to saying how to fix the issue (by
> altering the DIR_MODE value in the /etc/adduser.conf file).
> As for the condecension I saw, the author assumes that the Server
> distributions "designers" actively choose to go with insecure options and
> settings in the default install - my choosing to include packages that are
> insecure, a choice is made, but if that is the only version of the software
> available, the choice is to include it or not, and if it is not included, it
> will still likely be downloaded and installed by an end-user - what would
> that accomplish? The same insecure server, more effort to set up the server.
> Opinions vary, and this article lists the authors opinions, but there are
> some valid points in there.
> Apr 14, 2009 10:24:57 AM, albertosierra at aesetres.com wrote:
> what do you guys think?
> "Ubuntu Server has one of the cleanest and easiest Linux distribution
> installers. However, in many cases, its designers choose to ignore security
> in favor of ease-of-use. The result? An install that is not secure by
> Alberto Sierra Reales [aesetres]
> IT Consultant
> Cel. 8319-1805
> ubuntu-server mailing list
> ubuntu-server at lists.ubuntu.com
> More info: https://wiki.ubuntu.com/ServerTeam
Alberto Sierra Reales [aesetres]
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the ubuntu-server