What are the security differencs between RHEL4 and RHEL5?
Good Morning Everyone,
Does anyone know the security differencs between RHEL4 and RHEL5? thank you. -windowsnot |
That's a hard question to answer. Two things come to mind:-
Are you concerned about anything specifically? |
Quote:
Yes...I am more concerned with things like auditd, faillog, security relevant objects. Are they still the same in RHEL5 Has any new software been added to RHEL5 that can be considered security hazard? My current job requires that a version of OS that has never been installed be pre-approved by our security team before it can be loaded on a system... the IS security team would like to know what the significant differences in security are from RHEL4 to RHEL5. Of course I can't tell them because I can't load it on a system until it is approved... :cry: They have sent me on a goose chase to find out what the differences are and present them the details so that we can officially used RHEL5 for production use... |
The best way to answer that is to look at the changelogs, they will tell you what is different between the 2 versions and to which version packages are at. Though frankly I would have thought that assessing security is part of the security team's remit not yours...?
|
Quote:
but it is one of those things that you can't argue with... Thanks for the info I will check that out... |
This may not explain the difference between RH4 and RH5 too well, but it may give you a little ammunition to make the case for 5.
From the RHEL 5 Features page: Quote:
Hope that helps! |
would it not be better for them to install it one one non-production fully isolated test bed and then thoroughly asses that,
|
Quote:
Audit subsystem support for process-context based filtering (2.6.17) more filter rule comparators (2.6.17) TCP/UDP getpeercon: enabled security-aware applications to retrieve the entire security context of a process on the other side of a socket using an IPSec security association. If only MLS-level information is needed or interoperability with legacy unix system is required, NetLabel can be used in place of IPSec. |
I'm moving this to Red Hat, as it's a 100% distro-specific question.
I'll leave a redirect in Security for a few days. |
MySQL 5
You get the latest version of MySQL, instead of purchasing it in an application stack add-on.
|
All times are GMT -5. The time now is 11:20 PM. |