Security Portal: Debian 2.2 [Security issues in the newest release]Aug 30, 2000, 13:14 (13 Talkback[s])
(Other stories by Kurt Seifried)
"I wanted to write a really positive article about Debian 2.2, which was just released a few weeks ago. Unfortunately, I can't. While Debian itself is a reasonably well-done Linux distribution, it has some major security issues."
"Before you flame me, please read the entire article. I realize there are a lot of nice things about Debian, but I've also found a lot of problems. The odd thing is that Debian seems to have gotten the niggly little details right, but there are major issues they haven't addressed."
"I did several installations, and I can safely say I don't terribly like the defaults Debian uses. The first thing I noticed was that while formatting the disk, Debian defaults to an enormous / partition and a swap partition. Unless you use quotas, a user can easily fill up the disk (/home/username, /tmp, /var/spool/mail/username, etc.). While a certain percentage is reserved for root, that doesn't help other users much. Admittedly, most distributions (or operating systems in general, for that fact) don't do a great job of this. But there are a few, like Red Hat, that do."