On Mon, Feb 18, 2002 at 10:15:34PM -0700, Rick Kelly wrote:
> Shannon said:
> 
> >It's security is as good as its admin... :)
> 
> Maybe or maybe not. I don't think that Linux distributions get audited for
> security at the same level as *BSD. Slackware is probably the safest as it
> has the least amount of software of questionable value.

Well, I seem to manage.

I will say this though: I think the new package system(s) which encompass
lot's of different BSD, Linux and maybe other UNIX systems should be nice.

Right now there is a lot of redundant bug-fixing going on, and you will
always miss one here and there.

In any case, there are people doing audits of Linux code and it is getting
back to distributions.  Not sure about Red Hat, but then I don't really
like them anyway.

A bigger question is: who is auditing the commercial UNIX code?

> But here is a Linux anecdote:
> 
> A number of years ago a friend of mind had a Linux box connected to the
> internet. He was hosting a MUD on it for a year or so. One morning he was
[snip]

You think no *BSD system admins have been awakened by the spooks?

As far as stability goes, right now NetBSD has a serious problem with the
kernel not dealing well with some resource shortfalls, to be addressed
in 1.5.3.  My filesystems lost+found directories are full of the evidence
of this.

Now, my Linux system, the one that should be the bad egg on the LAN,
never loses data.  It's PeeCee hardware and can lock up when the nVidia
card decides to go ape (I think the latest drivers have fixed this)
but I don't lose data.

To be fair though, I'm not running ext2.  I'm running SGI's xfs, and so
far it seems impervious to my brutal tests and experimentation.

-- 
UNIX/Perl/C/Pizza__________________________________shannon@widomaker.com