From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <gentoo-hardened-return-33-arch-gentoo-hardened=gentoo.org@gentoo.org>
Received: (qmail 29531 invoked by uid 1002); 20 Mar 2003 11:06:12 -0000
Mailing-List: contact gentoo-hardened-help@gentoo.org; run by ezmlm
Precedence: bulk
List-Post: <mailto:gentoo-hardened@gentoo.org>
List-Help: <mailto:gentoo-hardened-help@gentoo.org>
List-Unsubscribe: <mailto:gentoo-hardened-unsubscribe@gentoo.org>
List-Subscribe: <mailto:gentoo-hardened-subscribe@gentoo.org>
List-Id: Gentoo Linux mail <gentoo-hardened.gentoo.org>
X-BeenThere: gentoo-hardened@gentoo.org
Received: (qmail 1302 invoked from network); 20 Mar 2003 11:06:11 -0000
Message-ID: <1048158458.a743b0ff9f2d5@www.phivedesign.com>
Date: Thu, 20 Mar 2003 06:07:38 -0500
From: dscott@phivedesign.com
To: "'gentoo-hardened@gentoo.org'" <gentoo-hardened@gentoo.org>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="=_c2e81b5a1d21382283af80"
Content-Transfer-Encoding: 7bit
User-Agent: Internet Messaging Program (IMP) 4.0-cvs
X-Originating-IP:  206.47.0.172
Subject: [gentoo-hardened] More thoughts..
X-Archives-Salt: c1b2afff-72e1-4e90-987b-2244f51d3fbb
X-Archives-Hash: b5a33f71871b219b72cc0e5b03228dab

--=_c2e81b5a1d21382283af80
Content-Type: multipart/signed; boundary="=_b5ec80cb719323a849e433";
	protocol="application/pgp-signature"; micalg="pgp-sha1"
Content-Transfer-Encoding: 7bit

This message is in MIME format and has been PGP signed.

--=_b5ec80cb719323a849e433
Content-Type: text/plain; charset="ISO-8859-1"
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

Before this continues much further:


(http://www-dt.e-technik.uni-dortmund.de/~ma/qmail-bugs.html


  RFC-1652, RFC-2821, RFC-1894)






  I simply wanted to make the point that user-based file exclusion=20


(systrace/selinux policies) should not be the only concern for a hardened=20


distro.


  The application layer is equally important, both from a stability and secu=
rity=20


perpective (in some cases DDOS vulnerabilities would be equally as devastati=
ng=20


as ending up an IRC Zombie).


Encouraging users to use applications that have a solid history of 0 or bett=
er=20


exploits/buffer attacks is a "good thing".






D.




--=_b5ec80cb719323a849e433
Content-Type: application/pgp-signature
Content-Description: PGP Digital Signature
Content-Disposition: inline
Content-Transfer-Encoding: 7bit

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iQIXAwUAPnmg+vr4V7S7bUR5FAK9aQf/Qi9lzFOlY8GpQ/K9qQIFTDC+skACMFIo
EpqEqdGnI/fACidUmhdh+gifeUWjQfbz4RrjlbseM/2K2wuCYht3LoV/kIRFD/xm
wMsnHV6RZt2aUaEGjWLx5pd8qInOZqoll7h1OxBcHzKrhMQcPQdjGunlwZuQX6ok
lsmHJMpGyve5oNWacJK2dLhYJrfZ/RMhb1mTtG6BOsqmoXIbZcLBWDTbrptV6ACH
XcZwGH3DvQkIRzxMd47YocauRXweqHPC7za5X1BD5E5MrGf6kXFK1W5tABuXuJpt
2rlunDnSKt4QzvAtMBK7GAh+Z9F/hpVdMTfMTSWivFvh7hFHGLYrWwf9HL5k8Y5P
tJhwjiZnk2Pr0SLx6HOXjz2oeGRsevkz3+Dz8oQhGlD3bscSfvyg4DAI6rj1VT6g
j0RK8doqiM0m9OXZtUvoI2BGDVhhqVRD+3wRV/yXW/ltPWQ/RxTm3ClG/fFSlh6p
wUQQdhd04xvv+OD/w0QMrHO0RGz9qzYAR+zvTyuvSZGX3VmWZmaIzOyhi0P0Yo8j
HEJm8n15yBroxzYRbPta9L7mr5UbtvzGBotPsk6VRI0S157pxPRMbkvaahA8ohg8
ytPNHqnT6lJtbO4vZsBy7mN+1ebCY0wbp7qumF5BaCGyZhLhKps6ED8rvgAKIraB
uokQb9HN13WPLQ==
=i3K0
-----END PGP SIGNATURE-----

--=_b5ec80cb719323a849e433--

--=_c2e81b5a1d21382283af80
Content-Type: application/pgp-keys
Content-Description: PGP Public Key
Content-Disposition: inline
Content-Transfer-Encoding: 7bit

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.2.1 (GNU/Linux)

mQINBD5R0jcUCACbr0lvTE/TYlZdV/lZMAKU4molQF6bvgjD68V9a/Oo0LNtU+zp
l0cNNgqOB2J2GOeKzPhUN5RRdqd1nO/EV4DNaNN0OYYaDlihasgQhst0YDapK4I8
fQm3Pz91+uVf+CL0wMKHnrv3cH/B+I0eSd9NBMg17rAj+KD635Cdcxwj+2lzSTXM
x6kTMvyL/Gf2fWEDESLNlFvOsmAFVgQpJXbRfJhYYg4DuUJ0Mz1ArvxReVivKJs9
1MX/48is1jZePv3V6YDqxiUbh7h1UPdU0Ty2GHzGKfd5ozwIbVR6pl3UPHiEOEIs
q271nR6fpBB1y31YBf+DIdRGKUS15olP2OD/AAMFB/wItNOs8PJyoE9YeO49EkY8
2dOvO7Uls22uFY7mtNOBWTwhIYJhr5wFYkYG4/xuSw+3pgb5e1bicsB9AoYaTdei
x+44SghqkvuUTLSgeHXVMa3EbDJrzoPdsOkmNRsV8Jp3bDxXxWV7+Xb4RtjLIMdl
05eFro2DJo37T93CXZpkR/ciw2RPchqtIjgCti3P55QMoouVXDOf2gSBKI/Uf5BY
5EiS03jdUl/SV3+xiSb7LuJW2O96kV9FT92YqjOA1yFBEeeoYRvAns3hLH6X/nZm
bVnqx1UDOtWdMibreY1vqEF/MGu2HB4pMenMGF3sod4/yJefdQbfWCB7nbML+zL6
tCBELlNjb3R0IDxkc2NvdHRAcGhpdmVkZXNpZ24uY29tPokCMQQTFAIAGQUCPlHS
NwQLBwMCAxUCAwMWAgECHgECF4AACgkQ+vhXtLttRHmq4wf5AfWDsJ2RYUfkQ/7a
vBkOE87/a7AjWhzxWAhMQUr8hNenuZPDf37A+Pu4m0RyODtgq/OmtVQf3u5ObBDx
OMNGldJ/JRRHE5XQK7i2lCyFt0m/lEdFbIRGPZUWaDJIsahi6QFL7MzL1DvPo9+X
5IJQUGloTG4inCc+R0Io2zL94QLqCFrkL6jlzYkRoOFIHPehkf03fodqNC4z7I3Z
DrKQ+v4ncJGCgBz5z88nb57WxzyjMvQDOnpOnieRAjIbwWB+Ee0ZZF50vWbKGTIS
DstMHs2Hhn4v6Icat+TnicCnDpGsy335HgQjWOdhNq+ZGftluaf+1HHEZuBS7MC3
0b6lUAgAgYU3ZVKoP+RBXibRKbWjFhRl7o4MfawHd+NzXJsUvTeiiGO5WQEML5Gz
spYMWCBhaRoxoII97piM9foV1DqNfvHslmTRzOD5pnBAuCVEBYeiUiNaciwOmkbV
fo+HI5U5UYqtwOpoSEugbsiOqhqE/PLxms5L0Ekr02pJqECUGBzfA7of+HLJGyxL
umc/HtA4ESSsn/otZDS4rIbB54y4/ThlB0o9T00KHygWcwBrffFN3oypIN75msjs
1dV0NbwcvWdLI2sIXXZNOhPMTkZ0aPVws/4GjYZSe3YnlxsRCQ5Bq79Qc1jvjazi
3EeYdcb1muHJqDtN31YPdyst4TLLqA==
=TAh9
-----END PGP PUBLIC KEY BLOCK-----


--=_c2e81b5a1d21382283af80
Content-Type: text/plain; charset=us-ascii

--
gentoo-hardened@gentoo.org mailing list
--=_c2e81b5a1d21382283af80--