I read it in the past and I think some things are easily fixable on
FreeBSD release side and should be fixed. Some things we modified on our
installs.
Miroslav Lachman
_______________________________________________
freebsd-...@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-securi...@freebsd.org"
> Dear List,
>
> Not sure this has been shared here:
>
> https://vez.mrsk.me/freebsd-defaults.txt
>
> Some good points, others not so…
>
> Nevertheless a good read and food for thought and discussion.
Most points is just inconvenience w/o security.
IMHO, yes.
>If you need hardening, you should always check and know your system.
because also if you don't need hardening you should always check and know your system.
>I assume the virgin installed system will be ready to be remotely
>configured (e.g. sshd running, no firewall).
This will be as well with minimum sshd configuration and firewall activated.
>If we can assume that this About blob from the FreeBSD site is it’s mission statement: “””” >https://www.freebsd.org/about.html What is FreeBSD? FreeBSD is an operating system for a variety of >platforms which focuses on features, speed, and stability. It is derived from BSD, the version of >UNIX® deve…
And thats the problem, there is no word about security in this mission statement, but maybe it should be there in the actual word.
Just my 2 cents