Travis Casey efindel at earthlink.net
Tue Sep 11 17:35:07 New Zealand Standard Time 2001

On Tuesday 11 September 2001 12:01 am, J C Lawrence wrote:
> Travis Casey <efindel at earthlink.net> wrote:

>> Also, it should be noted that last I checked, Solaris does *not*
>> come with a C compiler (or, more accurately, it comes with a C
>> compiler, but you can't use it unless you pay for a license).
>> You'll either need to install a free one (e.g., gcc) or pay for a
>> license for Sun's.

> Solaris 8 comes with GCC on one of the companion CDs.

That's good, then.  The last time I used Solaris seriously was
either a late 5 or early 6 version.  I'd heard reports from others
more recently that they still didn't include one, but those people
may not have been checking the companion CDs.

>> For something that's just going to be a mud server, if you're
>> going to use Linux, I'd recommend one of the lighter,
>> security-oriented distributions, like Trustix or Immunix.

> While I don't disagree, properly configuring a kernel/process
> capability system is not trivial and can require significant
> learning and analysis curves.  This should be factored in up front
> in the cost/benefit analysis as well as in the risk containment
> analysis (which should mostly end up in positive check marks on
> the Immunix/Trustix etc side).

Well, more than the capability system, I'm thinking of the fact that
a secure system should include as few things by default as possible.
In securing Red Hat/SuSE/Debian/any other "general-purpose" Linux
distribution, there are a lot of packages you're going to need to
remove.  Trustix and Immunix both have a *very* minimal default
installation.  Trustix, which is the one I've actually worked with,
by default configures *no* network-accessible services -- you have
to turn on any network services you want.  IMHO, this is a much
better model for security than having to turn off what you don't

