Linked by Steve Husted on Mon 12th Apr 2004 09:30 UTC
Slackware, Slax
This is an article about my experiences with Slackware 9.1, a distribution of Linux that I find enjoyable, along with programs that I find useful and enjoyable.
RE: Slackware's flaws
by root on Mon 12th Apr 2004 13:27 UTC

Slackware ships with vanilla upstream packages as much as possible. No security patches will be included until they are in the stock kernel on www.kernel.org. Hardcore Unix administrators have to judge for themselves what kind of security patches they deem worthwhile and apply them. Remember, not every security-related change is actually an improvement. There's an interesting thread on Slashdot about Slackware not using PAM.

What kind of security features do you think I'm talking about? I'm talking about patches that almost eliminate all sorts of memory corruptions like buffer overflows, stack overflow, stack smashing, race conditions, IPC vulnerabilities, etc.

This isn't a judgment call, this is a necessity if you don't want your network to be hacked! I'm talking about reasonable default access control lists for Slackware that enable chroot restrictions and address space modifications. These are mandatory if you run a server. You don't have any of those, you are not secure, and you can be hacked, period!

As for PAM, it is only a superficial security barrier; even PAM needs to be patched with PaX to be somewhat safe and, of course, correctly configured.