Not really, no. I was referring to the practice of starting a gazillion
services by default, including dbus, avahi, ftp and http services,
file sharing components, and all the rest of the stuff that is now
commonly installed as part of a "Linux desktop". SELinux is indeed
one form of hardening, but I wasn't referring specifically to it; exactly
the opposite, in fact.
Without running unneeded things there is no need to "harden".
In spite of FreeBSD having quite a lot of extra security features, i don't
really use more than standard unix security and jails, it is not really
needed.
FreeBSD do this (almost) right - default rc.conf doesn't ruch much, but
still too much. no idea why inetd is run by default, with no services but
anyway.
_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
To unsubscribe, send any mail to "[email protected]"
