Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [day] [month] [year] [list]
Date: Thu, 06 May 2004 08:06:35 -0500
From: "Steve Bremer" <>
To: <>
Subject: Re: How Owl is better from "other leading linux

>>I don't know about SuSE, but RedHat holds convenience over security in

its priorities. Owl does not.

SuSE is similar. 

>>Owl has a variety of 'quirks' that makes programs work in a 
securityenhanced way. For instance, every user has its own tmpdir, and

with the tcb password scheme a lot of suid root binaries has been 
'demoted' to sgid shadow instead, which ofcourse is far preferrable.

This is a good point, although I would call them 'features' instead of
'quirks'.  ;-)

Before switching from RH to Owl, I used to have a checklist of over 100
items that I would do to each RH machine to help harden it.  It was such
a pleasant surprise when I switched to Owl and discovered that most
(can't remember the exact count now) of the items in my check list were
already done.  This is one of the many reasons I prefer Owl.  Others
follow below:

-Easier to create a minimal install
-The choice of software for network services (vsftpd instead of
wu-ftpd, OpenSSH, postfix instead of sendmail, modified versions of
telnet and dhcpd that run with privsep, etc.)
-Many (most?) of the packages in Owl have custom patches applied to
help reduce security risks (temp file handling fixes, etc).
-The security work that the Openwall Project does benefits all Linux
distros since their security fixes are passed on to the package
maintainers.  So, by supporting the Openwall Project, you are helping to
improve security for everyone who utilizes that software. 
-Slow, steady, safe, reliable development cycle.
-As Andreas pointed out: "Security over features"

I hope this helps.

Steve Bremer
Systems & Security Administrator

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.