Am 29.04.2014 23:09, schrieb Andrew Lutomirski: > If you want to go down that path, set up selinux to prevent execing > things that oughtn't to be execed. But trying to prevent exploits > from working by removing every possible helper from the path is a > losing proposition and is just not worth doing
defense in depth means you are doing *both* defense in depth means limit the attack surface as much as you can defense in depth means place security layers behind others to surive a failing one defense in depth means disable and remove anything which is not needed for your tasks
signature.asc
Description: OpenPGP digital signature
-- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
