[1398] in linux-security and linux-alert archive

home help back first fref pref prev next nref lref last post

[linux-security] Debian vs. Red Hat

daemon@ATHENA.MIT.EDU (Kevin at Paranoia)
Wed Jan 22 11:15:12 1997

To: linux-security@redhat.com
Date: Tue, 21 Jan 1997 11:09:07 -0600
From: Kevin at Paranoia <kevintx@ministry.paranoia.com>
Resent-From: linux-security@redhat.com
Reply-To: linux-security@redhat.com

Can anyone provide me with their (fairly) impartial opinion on which major
current distribution (Debian 1.2 or Red Hat 4.0) provides better security?
I have heard a lot of people sticking up for their favorite, but few real
facts/insights on them from a security point of view.  Red Hat seems to be
favored by novices for no-brainer installation and graphical configuration
programs (which I'm hoping are optional).  What about the competent users
who will integrate their own compiles with the binary packages and handle
their own configuration?  These particular issues come to mind..

 . Does either contain many distribution-specific security bugs?
 . How quickly are fixed packages available to these bugs?  Common bugs?
 . How readily do users find out about necessary updates or bugfixes?
 . Is each update available in both package and (souce) patch form?
 . Is each documented well enough that users can review them easily?
 . Is the source code and patch(es) to every package always available?

I doubt this topic should occupy the list's time, but your replies to me
directly are very much appreciated.

[mod: Please reply to Kevin. Kevin, please summarize in about a week. --REW]

thanks,
kevin
-- 
   kevintx@ministry.paranoia.com     (personal priority mail address)
   <a href="http://www.paranoia.com/"> got nothing better to do? </a>
"The Internet interprets the US Congress as damage and routes around it"


home help back first fref pref prev next nref lref last post