Openwall Linux 3.0 — No SUIDs, Anti-Log-Spoofing - Slashdot

Slashdot

Openwall Linux 3.0 — No SUIDs, Anti-Log-Spoofing 122

Posted by Soulskill on Friday December 17, 2010 @04:45PM
from the wouldn't-an-open-wall-be-a-gate dept.

solardiz writes "Openwall GNU/*/Linux (or Owl for short) version 3.0 is out, marking 10 years of work on the project. Owl is a small, security-enhanced Linux distro for servers, appliances, and virtual appliances. Two curious properties of Owl 3.0: no SUID programs in the default install (yet the system is usable, including password changing); and logging of who sends messages to syslog (thus, a user can't have a log message appear to come, say, from the kernel or sshd). No other distro has these. Other highlights of Owl 3.0: single live+install+source CD, i686 or x86_64, integrated OpenVZ (host and/or guest), 'make iso' & 'make vztemplate' in the included build environment, ext4 by default, xz in tar/rpm/less, 'anti-Debian' key blacklisting in OpenSSH. A full install is under 400 MB, and it can rebuild itself from source."

This discussion has been archived. No new comments can be posted.

Openwall Linux 3.0 — No SUIDs, Anti-Log-Spoofing

Search 122 Comments Log In/Create an Account

Comments Filter:

Ah Sweet Nostalgia (Score:5, Insightful)

by ADRA (37398) writes: on Friday December 17, 2010 @04:58PM (#34592512)

While I'm not terribly interested in the distribution itself, its great to see a classic Slashdot story about some major or point release of a semi-well known OSS product.

Share
twitter facebook linkedin
Re:Not Trolling? (Score:2, Insightful)

by metrix007 (200091) writes: on Friday December 17, 2010 @06:25PM (#34593680)

I am getting modded down because zealots have modpoints.
Most people who use Linux don't review the code nor should they be expected to. We should expect the developers to disclose security problems in a responsible way. They don't, they obscure them.
So yes, the developers do practice security via obscurity. DO I really need to go and link the interview on kerneltrap where they say and defend that practice?

Parent Share
twitter facebook linkedin
Re:Not Trolling? (Score:1, Insightful)

by Markos (71140) writes: on Friday December 17, 2010 @07:13PM (#34594310)

http://en.wikipedia.org/wiki/Security_through_obscurity [wikipedia.org] "Software which is deliberately released as open source cannot be said to be relying on security through obscurity (the design being publicly available), but it can nevertheless also experience security debacles (e.g., the Morris worm of 1988 spread through some obscure—though widely visible to those who looked—vulnerabilities)."

Parent Share
twitter facebook linkedin

There may be more comments in this discussion. Without JavaScript enabled, you might want to turn on Classic Discussion System in your preferences instead.

Related Links Top of the: day, week, month.

299 commentsLinux Fatware: Distros That Need To Slim Down
268 commentsBtrfs Is Getting There, But Not Quite Ready For Production
226 commentsDebian 7.0 ('Wheezy') Release Planned For 1st Weekend in May
194 commentsNew OpenWRT Drops Support For Linux 2.4, Low-Mem Devices
191 commentsDebian 7.0 ("Wheezy") Released

"Whom are you?" said he, for he had been to night school. -- George Ade