info
Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
Securing Debian Manual too old?
0 views
Skip to first unread message
Stephan Seitz
Jun 23, 2023, 7:00:03 AM6/23/23
to
Hi!
I found the Securing Debian Manual
(https://www.debian.org/doc/manuals/securing-debian-manual/index.en.html).
This version is from 2017.
It has „Chapter 6. Automatic hardening of Debian systems” which mentions
Harden packages and Bastille. None of these packages exist anymore in
Debian 11 or 12.
https://bastille-linux.sourceforge.net/running_bastille_on.htm#debian
lets you follow a link to http://packages.debian.org/bastille but without
results.
So what happened here?
Many greetings,
Stephan
--
| If your life was a horse, you'd have to shoot it. |
I found the Securing Debian Manual
(https://www.debian.org/doc/manuals/securing-debian-manual/index.en.html).
This version is from 2017.
It has „Chapter 6. Automatic hardening of Debian systems” which mentions
Harden packages and Bastille. None of these packages exist anymore in
Debian 11 or 12.
https://bastille-linux.sourceforge.net/running_bastille_on.htm#debian
lets you follow a link to http://packages.debian.org/bastille but without
results.
So what happened here?
Many greetings,
Stephan
--
| If your life was a horse, you'd have to shoot it. |
Konstantin Khomoutov
Jun 23, 2023, 11:10:03 AM6/23/23
to
On Fri, Jun 23, 2023 at 12:40:19PM +0200, Stephan Seitz wrote:
> I found the Securing Debian Manual
> (https://www.debian.org/doc/manuals/securing-debian-manual/index.en.html).
> This version is from 2017.
>
> It has „Chapter 6. Automatic hardening of Debian systems” which mentions
> Harden packages and Bastille. None of these packages exist anymore in Debian
> 11 or 12.
>
> https://bastille-linux.sourceforge.net/running_bastille_on.htm#debian lets
> you follow a link to http://packages.debian.org/bastille but without
> results.
>
> So what happened here?
I cannot say anything on the Securing Debian manual but when you're interested
> I found the Securing Debian Manual
> (https://www.debian.org/doc/manuals/securing-debian-manual/index.en.html).
> This version is from 2017.
>
> It has „Chapter 6. Automatic hardening of Debian systems” which mentions
> Harden packages and Bastille. None of these packages exist anymore in Debian
> 11 or 12.
>
> https://bastille-linux.sourceforge.net/running_bastille_on.htm#debian lets
> you follow a link to http://packages.debian.org/bastille but without
> results.
>
> So what happened here?
in digging up the fate of a particular package in Debian, you can roll like
this:
1) Go to the "package tracker", and search for the package of interest.
In this particular case, there was no need to search as a plain guess
that it should (have been) named "bastille" worked -
https://tracker.debian.org/bastille is the URL of interest.
2) There, you can examine the package's status - it's sort of a dashboard.
In the case of bastille, you can see that the last entry in the log
of the package activity says it has been removed from unstable.
Examining that [1] will tell you the reason, and provide further pointers.
1. https://tracker.debian.org/news/589646/bug718783-removed-packages-from-unstable/
Moritz Mühlenhoff
Jul 11, 2023, 5:00:04 PM7/11/23
to
Stephan Seitz <stse+...@rootsland.net> writes:
> Hi!
>
> I found the Securing Debian Manual
> (https://www.debian.org/doc/manuals/securing-debian-manual/index.en.html).
> This version is from 2017.
This document is in fact too outdated and not in a shape we should
> Hi!
>
> I found the Securing Debian Manual
> (https://www.debian.org/doc/manuals/securing-debian-manual/index.en.html).
> This version is from 2017.
prominently present it on the Debian website, thanks for flagging it.
It even predates systemd and no mention of it at all...
Can you please "reportbug www.debian.org" asking to remove it from the
website?
It's also packaged as src:harden-doc and probably stick around in
case someone wants to improve it going forward.
Cheers,
Moritz
Holger Levsen
Jul 12, 2023, 6:50:04 AM7/12/23
to
package: developers-reference
x-debbugs-cc: debian-...@lists.debian.org
hi,
On Tue, Jul 11, 2023 at 10:46:20PM +0200, Moritz Mühlenhoff wrote:
> > I found the Securing Debian Manual
> > (https://www.debian.org/doc/manuals/securing-debian-manual/index.en.html).
> > This version is from 2017.
>
> This document is in fact too outdated and not in a shape we should
> prominently present it on the Debian website, thanks for flagging it.
> It even predates systemd and no mention of it at all...
>
> Can you please "reportbug www.debian.org" asking to remove it from the
> website?
https://www.debian.org/doc/manuals/developers-reference/best-pkging-practices.en.html#best-practices-around-security
currently contains this text:
<quote>
Best practices around security
================================================================================================================================
A set of suggestions and links to other reference documents around
security aspects for packaging can be found at the `Developer's Best
Practices for OS Security chapter inside the Securing Debian Manual
<https://www.debian.org/doc/manuals/securing-debian-manual/ch09.en.html>`__.
</quote>
and unsure what to do now, as I'd like to keep the anchor and chapter, so
just dropping this would be wrong. Help welcome.
> It's also packaged as src:harden-doc and probably stick around in
> case someone wants to improve it going forward.
I'm not even sure this is useful to keep around. :/
--
cheers,
Holger
⢀⣴⠾⠻⢶⣦⠀
⣾⠁⢠⠒⠀⣿⡁ holger@(debian|reproducible-builds|layer-acht).org
⢿⡄⠘⠷⠚⠋⠀ OpenPGP: B8BF54137B09D35CF026FE9D 091AB856069AAA1C
⠈⠳⣄
Just today, over 800 women will have died due to preventable pregnancy and
birth complications, over 130 due to femicide.
https://www.who.int/news-room/fact-sheets/detail/maternal-mortality
https://en.wikipedia.org/wiki/Femicide#Worldwide
x-debbugs-cc: debian-...@lists.debian.org
hi,
On Tue, Jul 11, 2023 at 10:46:20PM +0200, Moritz Mühlenhoff wrote:
> > I found the Securing Debian Manual
> > (https://www.debian.org/doc/manuals/securing-debian-manual/index.en.html).
> > This version is from 2017.
>
> This document is in fact too outdated and not in a shape we should
> prominently present it on the Debian website, thanks for flagging it.
> It even predates systemd and no mention of it at all...
>
> Can you please "reportbug www.debian.org" asking to remove it from the
> website?
currently contains this text:
<quote>
Best practices around security
================================================================================================================================
A set of suggestions and links to other reference documents around
security aspects for packaging can be found at the `Developer's Best
Practices for OS Security chapter inside the Securing Debian Manual
<https://www.debian.org/doc/manuals/securing-debian-manual/ch09.en.html>`__.
</quote>
and unsure what to do now, as I'd like to keep the anchor and chapter, so
just dropping this would be wrong. Help welcome.
> It's also packaged as src:harden-doc and probably stick around in
> case someone wants to improve it going forward.
--
cheers,
Holger
⢀⣴⠾⠻⢶⣦⠀
⣾⠁⢠⠒⠀⣿⡁ holger@(debian|reproducible-builds|layer-acht).org
⢿⡄⠘⠷⠚⠋⠀ OpenPGP: B8BF54137B09D35CF026FE9D 091AB856069AAA1C
⠈⠳⣄
Just today, over 800 women will have died due to preventable pregnancy and
birth complications, over 130 due to femicide.
https://www.who.int/news-room/fact-sheets/detail/maternal-mortality
https://en.wikipedia.org/wiki/Femicide#Worldwide
0 new messages