Slackware This Forum is for the discussion of Slackware Linux.
|
| Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
 |
GNU/Linux Basic Guide
This 255-page guide will provide you with the keys to understand the philosophy of free software, teach you how to use and handle it, and give you the tools required to move easily in the world of GNU/Linux. Many users and administrators will be taking their first steps with this GNU/Linux Basic guide and it will show you how to approach and solve the problems you encounter.
Click Here to receive this Complete Guide absolutely free. |
|
 |
10-07-2009, 06:35 AM
|
#1
|
|
LQ Newbie
Registered: Oct 2009
Location: Egypt مصر
Distribution: Slackware & CentOS
Posts: 5
Rep: 
|
About security in Slackware
General Question about security in Slackware GNU/Linux :-)
Slackware not use PAM , SELinux & xinetd
What the equivalent methods in Slackware to implement security ?
^_^ a ^_^ PAM Pluggable Authentication Modules provide dynamic authorization for applications and services in a Linux system
^_^ b ^_^ SELinux used to add more security for system for example restrict root user privileges ( root can do anything )
^_^ c ^_^ xinetd new internet super server most distro use it instead of old inetd to achieve more security
I need know how can slackware achieve ==> robust , very stable ....etc
Just by select stable versions of software packages & KISS principle
What is the way ? i need more knowledge :-)
I am new in amazing Slackware land :-)
Last edited by Hello-World; 10-07-2009 at 03:38 PM.
Reason: add url
|
|
|
|
|
10-07-2009, 08:00 AM
|
#2
|
|
Senior Member
Registered: May 2008
Posts: 2,843
|
PAM adds more options/features to authentication, not more security. If you only have basic needs then Slackware's 'shadow' password suite should be more than sufficient.
Though SElinux has it's place, it can be more trouble than it's worth as it's very involved and difficult to create a robust policy from what I've read.
Unless you have a very detailed understanding of them and a lot of time to get the policies right for your system's needs, you're probably just as likely to introduce security vulnerabilities with those two, as you are to fix them,
xinetd I'm not sure what you're referring to? In what way is it more secure than slackware's inetd/tcpd setup?
|
|
|
|
|
10-07-2009, 08:16 AM
|
#3
|
|
Senior Member
Registered: Mar 2004
Location: Prince Rupert, B.C., Canada
Distribution: Slackware
Posts: 3,654
|
To keep your Slackware system secure I recommend that you subscribe to the Slackware security mailing list.
http://www.slackware.com/lists/
As security updates are released to Slackware mirrors you will receive an e-mail notification from the Slackware security team.
To easily update your Slackware system with the latest security patches I recommend that you use the slackpkg program that ships with Slackware. Slackware is legendary for security and stability. As security issues arise patches to correct the problems are quickly released.
http://www.slackpkg.org/documentation.html |
|
|
|
|
10-07-2009, 08:55 AM
|
#4
|
|
LQ Newbie
Registered: Oct 2009
Location: Egypt مصر
Distribution: Slackware & CentOS
Posts: 5
Original Poster
Rep:
|
Many thanks for response :-)
The propose from my question is gain more knowledge on how Slackware do things
I read official Slackbook http://slackbook.org & www.slackbasics.org
I use slackpkg to update my system periodically
Traditional unix like shadow is great
but some distro provide more options for example AppArmor with novell SLES and SELinux with redhat and derivatives and debian and derivatives ..etc.
Again :-) how can slackware achieve ==> robust , very stable ....etc :-) |
|
|
|
|
10-07-2009, 09:08 AM
|
#5
|
|
LQ 5k Club
Registered: Dec 2008
Location: Tamil Nadu, India
Distribution: Debian Squeeze (server), Slackware 13.37 (netbook), Slackware64 14.0 (desktop),
Posts: 8,357
|
Quote:
Originally Posted by Hello-World
but some distro provide more options for example AppArmor with novell SLES and SELinux with redhat and derivatives and debian and derivatives ..etc.
|
Sounds good. Nice name. May develop into something useful. Those were my conclusions from netsearching about AppArmor; after reviewing its config (on ubuntu) I uninstalled it as being more trouble (slowing boot a little, adding to general bloat) than its benefits were worth.
If you have enough expertise and resources to fully understand it and add to the configuration it might be a valuable tool ...
EDIT: security is a process rather than an install-time task and part of that process is fully understanding the system. Slackware's simplicity should aid, whereas a more tailored, complex system would make it harder ... ?
Last edited by catkin; 10-07-2009 at 09:11 AM.
|
|
|
|
|
10-07-2009, 09:10 AM
|
#6
|
|
Moderator
Registered: Jan 2005
Location: Midwest USA, Central Illinois
Distribution: SlackwareŽ
Posts: 10,356
|
Hi,
Welcome to LQ & Slackware!
You can compare all you want with other distro but Slackware is secure. Remove any services that you don't need or may cause a problem with your use of the system. PAM and other forms can provide holes if not implemented properly thus providing a false sense. If you setup with proper security for your system via firewall, chkrootkit an even Tripwire then the system will be secure to level of the user(s) abilities. You as the admin must provide some system sense when implementing any distribution. If your servicing other OS then that will present other problems that must be addressed. Let's not compare apples to oranges. 
A few links to aid you;
SlackwareŽ Essentials
SlackwareŽ Basics
Linux Documentation Project
Rute Tutorial & Exposition
Linux Command Guide
Linux Newbie Admin Guide
LinuxSelfHelp
Getting Started with Linux
Advanced Bash-Scripting Guide
These links and others can be found at ' Slackware-Links'. More than just SlackwareŽ links! |
|
|
|
|
10-07-2009, 01:22 PM
|
#7
|
|
Member
Registered: Aug 2009
Distribution: Slackware 13 64bit
Posts: 534
Rep: 
|
If you follow good security practices, stay up to date, configur minimal access and permissions, secure options for each program etc, then slackware can be quite secure.
xinetd does not add additional security, it adds additional options that can help with security in certain contexts.
PAM can be quite useful, and would in some context be required. It is not needed to secure a system however, and by itself does not add to security.
For unbeatable MAC/RBAC security, in the vein of SELinux, you may want to look at RSBAC. It is a smaller project, and requires a custom kernel, but I have found it to work far better with slackware, and be compatible with the philosphy.
Basically, anything you want to control or limit access to and how is possible, limited only by your imagination. Worth a look.
|
|
|
|
| Thread Tools |
Search this Thread |
|
|
|
Posting Rules
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
HTML code is Off
|
|
|
All times are GMT -5. The time now is 06:26 PM.
|
|
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
|
 Latest Threads
LQ News
|
|
