Language Selection

English French German Italian Portuguese Spanish

Kickstart your Linux security by avoiding garbage installations

Filed under
Linux

Recently, a colleague complained to me that X Windows refused to start following a routine patch upgrade on a production Web server. I asked why he needed X Windows running on a production Web server in the first place, especially a server that was allegedly secured as a bastion host in a perimeter DMZ. The response that "it was installed by default" seemed inadequate when considering the security risk posed by running X Windows on a bastion host.

Unnecessary packages on a host bring significant risks. An attacker can target the capabilities of those unnecessary packages to subvert or compromise your host, especially since most distributions automatically start the processes required by the installed packages (for example, if you have installed Apache, then the httpd process is automatically started).

So how do these unnecessary packages get installed?

Full Story.

More in Tux Machines

Mesa 10.4 Tentatively Planned For Early December

Emil Velikov, the new Mesa release manager, has issued a straw-man proposal to release Mesa 10.4 in early December. In sticking to the three month release cadence of Mesa, Emil is proposing the Mesa 10.4 feature freeze and release candidate for 14 November with new release candidates to come weekly until the official release. Emil is tentatively thinking about the Mesa 10.4 release for 5 December. Read more

today's howtos

Leftovers: Gaming

Leftovers: Software