“Jon Lasser began the Bastille Linux Project in order to
harden the security of Red Hat Linux, the distribution he uses at
work. In the process, he began looking at the other distributions
to see how they handle security updates, and he was not at all
happy with what he found. In today’s editorial, he shares his
concerns and explains why it matters to you even if you do all your
security monitoring for yourself.”
“As a professional Unix systems administrator, I’m concerned
about system security. Keeping unauthorized users off my systems is
simply part of my job; doing this requires vigilance in the form of
monitoring performance, reading logs, and keeping patches
up-to-date. For me, security is about security; it’s about keeping
my users’ projects safe and keeping them comfortable despite a
full-time connection to the Internet.”
“As Lead Coordinator of the Bastille Linux Project, a hardening
script for Red Hat Linux, I thought my job was to make Linux more
secure so beginning users could easily keep their boxes secure.
Often, new Linux users have no experience as system administrators
or often even any experience with Unix. I thought the best way to
tackle the problem was to make it easy to do the right thing.”