Ridding myself of root passwords?
joshua at themarshians.com
Thu Feb 6 13:30:08 MST 2014
On Thu, Feb 6, 2014 at 1:08 PM, Levi Pearson <levipearson at gmail.com> wrote:
> I know security is not easy, but if you're going to have a
> public-facing server, you really ought to take the time to figure it
> out. You'll spend less time doing that than you will cleaning up
> after you get hacked. And, as you just experienced, you *will* get
> hacked if you continue to rely on the Unix security model.
It's too bad that most people don't think about becoming security conscious
themselves. The business models I've seen in the past are: who cares,
contract it out, or rely on a 3rd party systems (e.g. App Engine). None of
these help engineers and architects become more security conscious. It's
pushing the accountability somewhere else (in the first case, on the
I agree that learning about it is important. We've had PLUG meetings about
SELinux and there are a bunch of introductions/tutorials on youtube. I'm
personally not a fan of SELinux, but knowing about any LSM will at least
give you a leg up on the average engineer. Putting that on a resume will
look good. I can only imagine it will become more important in the future.
More information about the PLUG