I don't worry about buffer_overflows or PIE compiled network issues. I have a Windows box for that.
I'm sorry for my biased comment, but I have used Debian and other Debian-based distros for 5 years now and I am comfortable with the level of security that I have for my network.
Since I don't run a major computer network for a billion dollar business, maybe I don't really need RHEL 5. (I couldn't afford a copy anyway)
Either way, Etch will be perfect for me at least when it (someday) is released.
PS. To help your self esteem, I voted you up one.
I honestly don't know why anyone would run Debian or any derivative on a server *ever*. Note that I am saying this while running an Ubuntu desktop.
Back many years ago, we used to joke and call Redhat "Roothat" because several consecutive releases had some sort of remote root in the default (or close to default) installation. Since then, Redhat has taken security seriously.
Redhat takes security proactively and here are a few examples:
- SELinux Mandatory Access Control Targeted policy by default
- Execshield kernel module to use the hardware NX bit in newer CPUs AND help prevent some classes of buffer overflows
- Compiling applications with a special version of gcc using an extension called FORTIFY_SOURCE along with using -fstack-protector
- Hardening the C library itself with canary based stack protection (to prevent buffer overflows)
- PIE aka Position Independent Executables
- ELF data hardening
Redhat devotes some very brilliant people to do nothing more than improve the security of their enterprise distribution. People like Russell Coker, who are trying to include proactive security like SELinux into Debian Etch+1 by default, get flamed off of the mailing lists.
It is pretty sad that people don't care as much about proactive security as Redhat. This is why no personal server of mine will ever run Debian. However, for a nice easy to use "Just Works TM" desktop, Debian derivatives like Ubuntu work great.
Since I don't run a major computer network for a billion dollar business, maybe I don't really need RHEL 5. (I couldn't afford a copy anyway)
You should give CentOS a shot. It's RHEL without the trademark. Most webhosting companies use CentOS these days because it's arguably the most secure Linux.
Yes, but Etch will be better.
Not in the security area. RHEL5 will have all the security features used in Fedora Core 6 -> http://www.awe.com/mark/blog/200701041544.html
I looked at build logs from Debian packages and they do not use FORTIFY_SOURCE, Stack Smashing Protector, network services are not compiled as PIE, etc. Feel free to prove me wrong.
PS That wasn't who voted you down.
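The hardening features argued over in this thread (PIE, a non-executable stack, -fstack-protector, FORTIFY_SOURCE) leave visible marks in a compiled binary, so they can be checked on the binary itself as well as in build logs. The following is an added example, not part of any comment above: `elf_hardening` and `make_elf` are hypothetical names, the sample images are constructed, and the symbol checks scan the raw bytes instead of parsing the dynamic symbol table, so treat the result as a heuristic (a static PIE with no interpreter is reported as non-PIE).

```python
import re
import struct

ET_DYN, PT_INTERP, PT_GNU_STACK, PF_X = 3, 3, 0x6474E551, 0x1

def elf_hardening(data: bytes) -> dict:
    """Heuristic hardening report for a 64-bit little-endian ELF image."""
    if data[:4] != b"\x7fELF" or data[4:6] != b"\x02\x01":
        raise ValueError("expected a 64-bit little-endian ELF")
    (e_type,) = struct.unpack_from("<H", data, 16)
    (e_phoff,) = struct.unpack_from("<Q", data, 32)
    e_phentsize, e_phnum = struct.unpack_from("<HH", data, 54)
    has_interp, nx_stack = False, False
    for i in range(e_phnum):
        p_type, p_flags = struct.unpack_from("<II", data, e_phoff + i * e_phentsize)
        if p_type == PT_INTERP:
            has_interp = True
        elif p_type == PT_GNU_STACK:
            nx_stack = not (p_flags & PF_X)
    return {
        # ET_DYN plus an interpreter: a dynamically linked PIE, not a shared library
        "pie": e_type == ET_DYN and has_interp,
        # A missing PT_GNU_STACK header is treated as an executable stack
        "nx_stack": nx_stack,
        # -fstack-protector leaves a reference to __stack_chk_fail
        "stack_protector": b"__stack_chk_fail\x00" in data,
        # FORTIFY_SOURCE rewrites calls to checked variants such as __memcpy_chk
        "fortify": re.search(rb"__[a-z0-9_]+_chk\x00", data) is not None,
    }

def make_elf(e_type: int, stack_flags: int, symbols: bytes) -> bytes:
    """Constructed sample: ELF64 header, PT_INTERP and PT_GNU_STACK headers, symbol names."""
    ident = b"\x7fELF\x02\x01\x01" + bytes(9)
    ehdr = ident + struct.pack("<HHIQQQIHHHHHH",
                               e_type, 62, 1, 0, 64, 0, 0, 64, 56, 2, 64, 0, 0)
    phdrs = struct.pack("<II6Q", PT_INTERP, 4, 0, 0, 0, 0, 0, 1)
    phdrs += struct.pack("<II6Q", PT_GNU_STACK, stack_flags, 0, 0, 0, 0, 0, 16)
    return ehdr + phdrs + symbols

# Constructed images: ET_DYN with an RW stack, and ET_EXEC with an RWX stack
HARDENED = make_elf(3, 0x6, b"\x00__stack_chk_fail\x00__memcpy_chk\x00")
LEGACY = make_elf(2, 0x7, b"\x00memcpy\x00strcpy\x00")

if __name__ == "__main__":
    for name, image in (("hardened", HARDENED), ("legacy", LEGACY)):
        print(name, elf_hardening(image))
```

To check an installed binary, pass the file's bytes, for example `elf_hardening(open(path, "rb").read())`.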