Sun Mar 30 08:59:23 UTC 2008
A Secure OS?
--
What makes an OS secure?
Certainly you can get your hands on OSs that are known to be insecure … by which I mean that the vendor is able to show you the list of known vulnerabilities for which no patch or reasonable remediation is available. And I'm sure you can guess the names of some of these.
And from the set of OSs that are not known to be insecure, you can figure that some of them are only “not known” because the vendor/distributor simply doesn't want to know.
OpenBSD knows itself to be secure – and even with the handful of problems that show up over time, I'd tend to believe it. The same goes for qmail. But both of them are hard work to learn how to set up properly, and don't tend to have many current “features”.
A build-by-hand system, with the administrator following every vulnerability and patch release, is theoretically excellent … but takes far too much time away from real work.
Debian & Ubuntu suspect themselves to be secure, and know that they have a decent mechanism to fix problems when they are found – their Security Teams may not be as responsive as the upstream package teams, but they promise not to break version compatibility when patching, which is one of the biggest problems that the hand-builder encounters.
Of those last three categories, I'd tend to recommend the OpenBSD style for an install-once and forget type of system, and the Debian/Ubuntu for an install-many-times and regularly update one.
Of course, with Debian/Ubuntu, you must never install packages that don't come from repository sections that are looked after by the Security Team itself. Under those circumstances, you're better advised to set up your own repository for build-by-hand packages, and maintain those exceptions carefully yourself.
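One way to audit a machine against that rule, as an added example (not code from the original post): dpkg records each package's archive component as a prefix on its Section field, such as `non-free/utils` or `universe/net`, and no prefix means main. The `SUPPORTED` set and the sample status text are assumptions constructed for illustration.

```python
import sys

# Assumption: the components your distribution's Security Team covers.
# Adjust per release, e.g. {"main", "restricted"} on Ubuntu.
SUPPORTED = {"main"}

# Constructed sample in the format of /var/lib/dpkg/status.
SAMPLE_STATUS = """\
Package: openssh-server
Status: install ok installed
Section: net

Package: unrar
Status: install ok installed
Section: non-free/utils

Package: oldtool
Status: deinstall ok config-files
Section: contrib/misc

Package: localbuild
Status: install ok installed
"""

def parse_stanzas(text):
    """Yield one field dict per stanza; continuation lines are skipped."""
    for block in text.split("\n\n"):
        fields = {}
        for line in block.splitlines():
            if line and not line[0].isspace() and ":" in line:
                key, _, value = line.partition(":")
                fields[key] = value.strip()
        if fields:
            yield fields

def unsupported(text, supported=SUPPORTED):
    """Return sorted (package, component) pairs for installed packages outside `supported`."""
    out = []
    for f in parse_stanzas(text):
        if f.get("Status", "").split()[-1:] != ["installed"]:
            continue  # removed packages with leftover config are not a risk here
        section = f.get("Section", "")
        comp = section.split("/")[0] if "/" in section else ("main" if section else "unknown")
        if comp not in supported:
            out.append((f["Package"], comp))
    return sorted(out)

if __name__ == "__main__":
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_STATUS
    for name, comp in unsupported(text):
        print(f"{name}\t{comp}")
```

Run it with `/var/lib/dpkg/status` as the argument on a real system. A package from a third-party repository carries whatever Section its builder chose, so confirm the origin of anything surprising with `apt-cache policy`.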
