LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware
User Name
Password
Slackware This Forum is for the discussion of Slackware Linux.

Notices

Reply
 
Search this Thread
Old 10-07-2009, 06:35 AM   #1
Hello-World
LQ Newbie
 
Registered: Oct 2009
Location: Egypt مصر
Distribution: Slackware & CentOS
Posts: 5

Rep: Reputation: 0
Question About security in Slackware


General Question about security in Slackware GNU/Linux :-)

Slackware not use PAM , SELinux & xinetd
What the equivalent methods in Slackware to implement security ?

^_^ a ^_^ PAM Pluggable Authentication Modules provide dynamic authorization for applications and services in a Linux system

^_^ b ^_^ SELinux used to add more security for system for example restrict root user privileges ( root can do anything )

^_^ c ^_^ xinetd new internet super server most distro use it instead of old inetd to achieve more security

I need know how can slackware achieve ==> robust , very stable ....etc

Just by select stable versions of software packages & KISS principle

What is the way ? i need more knowledge :-)

I am new in amazing Slackware land :-)

Last edited by Hello-World; 10-07-2009 at 03:38 PM. Reason: add url
 
Old 10-07-2009, 08:00 AM   #2
GazL
Senior Member
 
Registered: May 2008
Posts: 3,380

Rep: Reputation: 913Reputation: 913Reputation: 913Reputation: 913Reputation: 913Reputation: 913Reputation: 913Reputation: 913
PAM adds more options/features to authentication, not more security. If you only have basic needs then Slackware's 'shadow' password suite should be more than sufficient.

Though SElinux has it's place, it can be more trouble than it's worth as it's very involved and difficult to create a robust policy from what I've read.

Unless you have a very detailed understanding of them and a lot of time to get the policies right for your system's needs, you're probably just as likely to introduce security vulnerabilities with those two, as you are to fix them,

xinetd I'm not sure what you're referring to? In what way is it more secure than slackware's inetd/tcpd setup?
 
Old 10-07-2009, 08:16 AM   #3
hitest
Senior Member
 
Registered: Mar 2004
Location: Prince Rupert, B.C., Canada
Distribution: Slackware, OpenBSD
Posts: 4,163

Rep: Reputation: 527Reputation: 527Reputation: 527Reputation: 527Reputation: 527Reputation: 527
To keep your Slackware system secure I recommend that you subscribe to the Slackware security mailing list.

http://www.slackware.com/lists/

As security updates are released to Slackware mirrors you will receive an e-mail notification from the Slackware security team.
To easily update your Slackware system with the latest security patches I recommend that you use the slackpkg program that ships with Slackware. Slackware is legendary for security and stability. As security issues arise patches to correct the problems are quickly released.

http://www.slackpkg.org/documentation.html
 
Old 10-07-2009, 08:55 AM   #4
Hello-World
LQ Newbie
 
Registered: Oct 2009
Location: Egypt مصر
Distribution: Slackware & CentOS
Posts: 5

Original Poster
Rep: Reputation: 0
Smile

Many thanks for response :-)

The propose from my question is gain more knowledge on how Slackware do things

I read official Slackbook http://slackbook.org & www.slackbasics.org

I use slackpkg to update my system periodically

Traditional unix like shadow is great
but some distro provide more options for example AppArmor with novell SLES and SELinux with redhat and derivatives and debian and derivatives ..etc.

Again :-) how can slackware achieve ==> robust , very stable ....etc :-)
 
Old 10-07-2009, 09:08 AM   #5
catkin
LQ 5k Club
 
Registered: Dec 2008
Location: Tamil Nadu, India
Distribution: Servers: Debian Squeeze and Wheezy. Desktop: Slackware64 14.0. Netbook: Slackware 13.37
Posts: 8,541
Blog Entries: 28

Rep: Reputation: 1176Reputation: 1176Reputation: 1176Reputation: 1176Reputation: 1176Reputation: 1176Reputation: 1176Reputation: 1176Reputation: 1176
Quote:
Originally Posted by Hello-World View Post
but some distro provide more options for example AppArmor with novell SLES and SELinux with redhat and derivatives and debian and derivatives ..etc.
Sounds good. Nice name. May develop into something useful. Those were my conclusions from netsearching about AppArmor; after reviewing its config (on ubuntu) I uninstalled it as being more trouble (slowing boot a little, adding to general bloat) than its benefits were worth.

If you have enough expertise and resources to fully understand it and add to the configuration it might be a valuable tool ...

EDIT: security is a process rather than an install-time task and part of that process is fully understanding the system. Slackware's simplicity should aid, whereas a more tailored, complex system would make it harder ... ?

Last edited by catkin; 10-07-2009 at 09:11 AM.
 
Old 10-07-2009, 09:10 AM   #6
onebuck
Moderator
 
Registered: Jan 2005
Location: Midwest USA, Central Illinois
Distribution: SlackwareŽ
Posts: 11,146
Blog Entries: 3

Rep: Reputation: 1406Reputation: 1406Reputation: 1406Reputation: 1406Reputation: 1406Reputation: 1406Reputation: 1406Reputation: 1406Reputation: 1406Reputation: 1406
Hi,

Welcome to LQ & Slackware!

You can compare all you want with other distro but Slackware is secure. Remove any services that you don't need or may cause a problem with your use of the system. PAM and other forms can provide holes if not implemented properly thus providing a false sense. If you setup with proper security for your system via firewall, chkrootkit an even Tripwire then the system will be secure to level of the user(s) abilities. You as the admin must provide some system sense when implementing any distribution. If your servicing other OS then that will present other problems that must be addressed. Let's not compare apples to oranges.

A few links to aid you;

SlackwareŽ Essentials
SlackwareŽ Basics
Linux Documentation Project
Rute Tutorial & Exposition
Linux Command Guide
Linux Newbie Admin Guide
LinuxSelfHelp
Getting Started with Linux
Advanced Bash-Scripting Guide

These links and others can be found at 'Slackware-Links'. More than just SlackwareŽ links!
 
Old 10-07-2009, 01:22 PM   #7
Josh000
Member
 
Registered: Aug 2009
Distribution: Slackware 13 64bit
Posts: 534

Rep: Reputation: 35
If you follow good security practices, stay up to date, configur minimal access and permissions, secure options for each program etc, then slackware can be quite secure.

xinetd does not add additional security, it adds additional options that can help with security in certain contexts.

PAM can be quite useful, and would in some context be required. It is not needed to secure a system however, and by itself does not add to security.

For unbeatable MAC/RBAC security, in the vein of SELinux, you may want to look at RSBAC. It is a smaller project, and requires a custom kernel, but I have found it to work far better with slackware, and be compatible with the philosphy.

Basically, anything you want to control or limit access to and how is possible, limited only by your imagination. Worth a look.
 
  


Reply

Tags
security, slackware


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Slackware security? avalanch Linux - Security 2 05-25-2009 03:09 PM
Security update and hardware: To Slackware or not to Slackware... Vrajgh Slackware 29 12-04-2007 04:35 PM
Security In Slackware?? xgreen Slackware 23 03-27-2005 08:11 PM
slackware security e1000 Slackware 3 11-15-2003 02:33 PM
Slackware Security Update: GDM security update phoeniXflame Slackware 2 08-26-2003 04:21 PM


All times are GMT -5. The time now is 01:23 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration