Fedora 10
Lisa Kachold
lisakachold at obnosis.com
Sun May 3 14:17:35 MST 2009
Fedora 10 has to be my favorite distro this year. It's absolutely amazing
just how easy Linux installation has become. Setting up KDE and Gnome is
really simple to allow either. Eclipse runs immediately from package
management install with all the plugins!
Here's a great reference for setting up Fedora 10 Personal, with
instructions for adding repos, installing codecs, and turning off unneeded
services: http://www.mjmwired.net/resources/mjm-fedora-f10.html
*Once you get all your codecs setup, test it with free television:
http://freetube.110mb.com/index.php?view=Ac3dmbW92aWVjaXR5*
And the patch process actually works! I won't give you my "coding at 300
baud" ancient history stories, but this is the most powerful system,
incredibly created via open source submissions!
{I actually have had "discussions" with Linux admins who choose NEVER to
patch anything, believe it or not (partly because patch management was
rarely chosen over compiled sources, due to breakage and limitations)!}
Discovery and reporting of security issues is swift, I can't imagine any way
a "profit" based company with top down hierarchical business plan management
could possibly compete with the open source model. Here's three security
issues reported so far:
Fedora Directory Server before 10 allows remote attackers to obtain
sensitive information, such as the password from adm.conf via an IFRAME
element, probably involving an Apache httpd.conf configuration that orders
"allow" directives before "deny" directives.
http://www.securityspace.com/smysecure/catid.html?id=CVE-2005-3630&ctype=cve
tog-pegasus in OpenGroup Pegasus 2.7.0 on Red Hat Enterprise Linux (RHEL) 5,
Fedora 9, and Fedora 10 does not log failed authentication attempts to the
OpenPegasus CIM server, which makes it easier for remote attackers to avoid
detection of password guessing attacks.
http://www.securityspace.com/smysecure/catid.html?id=CVE-2008-4315&ctype=cve
ZoneMinder 1.23.3 on Fedora 10 sets the ownership of /etc/zm.conf to the
apache user account, and sets the permissions to 0600, which makes it easier
for remote attackers to modify this file by accessing it through a (1) PHP
or (2) CGI script.
http://www.securityspace.com/smysecure/catid.html?id=CVE-2008-6755&ctype=cve
Anyone got any good suggestions for Fedora 10?
www.obnosis.com (503)754-4452
"Contradictions do not exist." A. Rand
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.PLUG.phoenix.az.us/pipermail/plug-discuss/attachments/20090503/83936913/attachment.htm
More information about the PLUG-discuss
mailing list