[MUD-Dev] Preference for host OS

Travis Casey efindel at earthlink.net
Tue Sep 11 17:35:07 CEST 2001 

On Tuesday 11 September 2001 12:01 am, J C Lawrence wrote:
> Travis Casey <efindel at earthlink.net> wrote:

>> Also, it should be noted that last I checked, Solaris does *not*
>> come with a C compiler (or, more accurately, it comes with a C
>> compiler, but you can't use it unless you pay for a license).
>> You'll either need to install a free one (e.g., gcc) or pay for a
>> license for Sun's.

> Solaris 8 comes with GCC on one of the companion CDs.

That's good, then.  The last time I used Solaris seriously was
either a late 5 or early 6 version.  I'd heard reports from others
more recently that they still didn't include one, but those people
may not have been checking the companion CDs.

>> For something that's just going to be a mud server, if you're
>> going to use Linux, I'd recommend one of the lighter,
>> security-oriented distributions, like Trustix or Immunix.

> While I don't disagree, properly configuring a kernel/process
> capability system is not trivial and can require significant
> learning and analysis curves.  This should be factored in up front
> in the cost/benefit analysis as well in the risk containment
> analysis (which should mostly end up in positive check marks on
> the Immunix/TrusIx etc side).

Well, more than the capability system, I'm thinking of the fact that
a secure system should include as few things by default as possible.
In securing Red Hat/SuSE/Debian/any other "general-purpose" Linux
distribution, there's a lot of packages you're going to need to
remove.  Trustix and Immunix both have a *very* minimal default
installation.  Trustix, which is the one I've actually worked with,
by default configures *no* network-accessible services -- you have
to turn on any network services you want.  IMHO, this is a much
better model for security than having to turn off what you don't
want.

--
       |\      _,,,---,,_     Travis S. Casey  <efindel at earthlink.net>
 ZZzz  /,`.-'`'    -.  ;-;;,_   No one agrees with me.  Not even me.
      |,4-  ) )-,_..;\ (  `'-' 
     '---''(_/--'  `-'\_) 

_______________________________________________
MUD-Dev mailing list
MUD-Dev at kanga.nu
https://www.kanga.nu/lists/listinfo/mud-dev

More information about the mud-dev-archive mailing list