source: postlfs/security/security.xml@ f97d5f6

10.0 10.1 11.0 7.10 7.9 8.0 8.1 8.2 8.3 8.4 9.0 9.1 basic bdubbs/svn elogind ken/refactor-virt lazarus nosym perl-modules qt5new trunk xry111/git-date xry111/git-date-for-trunk xry111/git-date-test
Last change on this file since f97d5f6 was f97d5f6, checked in by Bruce Dubbs <bdubbs@…>, 6 years ago

Add libinput, wayland, and libpwquality for KDE Plasma5.
Add preliminary Plasma5 instructions. Packages build, but the
desktop does not yet run properly.

git-svn-id: svn:// af4574ff-66df-0310-9fd7-8a98e5e911e0

  • Property mode set to 100644
File size: 3.8 KB
1<?xml version="1.0" encoding="ISO-8859-1"?>
2<!DOCTYPE chapter PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
3 "" [
4 <!ENTITY % general-entities SYSTEM "../../general.ent">
5 %general-entities;
13<chapter id="postlfs-security">
14 <?dbhtml filename="security.html"?>
16 <title>Security</title>
18 <para>Security takes many forms in a computing environment. After some
19 initial discussion, this chapter
20 gives examples of three different types of security: access, prevention
21 and detection.</para>
23 <para>Access for users is usually handled by <command>login</command> or an
24 application designed to handle the login function. In this chapter, we show
25 how to enhance <command>login</command> by setting policies with
26 <application>PAM</application> modules. Access via networks
27 can also be secured by policies set by <application>iptables</application>,
28 commonly referred to as a firewall. The Network Security Services (NSS) and
29 Netscape Portable Runtime (NSPR) libraries can be installed and shared among
30 the many applications requiring them. For applications that don't offer the
31 best security, you can use the <application>Stunnel</application> package to
32 wrap an application daemon inside an SSL tunnel.</para>
34 <para>Prevention of breaches, like a trojan, are assisted by applications like
35 <application>GnuPG</application>, specifically the ability to confirm signed
36 packages, which recognizes modifications of the tarball
37 after the packager creates it.</para>
39 <para> Finally, we touch on detection with a package that stores "signatures"
40 of critical files (defined by the administrator) and then regenerates those
41 "signatures" and compares for files that have been changed.</para>
43 <xi:include xmlns:xi="" href="vulnerabilities.xml"/>
44 <xi:include xmlns:xi="" href="cacerts.xml"/>
45 <xi:include xmlns:xi="" href="consolekit.xml"/>
46 <xi:include xmlns:xi="" href="cracklib.xml"/>
47 <xi:include xmlns:xi="" href="cyrus-sasl.xml"/>
48 <xi:include xmlns:xi="" href="gnupg2.xml"/>
49 <xi:include xmlns:xi="" href="gnutls.xml"/>
50 <xi:include xmlns:xi="" href="gpgme.xml"/>
51 <xi:include xmlns:xi="" href="haveged.xml"/>
52 <xi:include xmlns:xi="" href="iptables.xml"/>
53 <xi:include xmlns:xi="" href="firewalling.xml"/>
54 <xi:include xmlns:xi="" href="libcap.xml"/>
55 <xi:include xmlns:xi="" href="linux-pam.xml"/>
56 <xi:include xmlns:xi="" href="libpwquality.xml"/>
57 <xi:include xmlns:xi="" href="mitkrb.xml"/>
58 <xi:include xmlns:xi="" href="nettle.xml"/>
59 <xi:include xmlns:xi="" href="nss.xml"/>
60 <xi:include xmlns:xi="" href="openssh.xml"/>
61 <xi:include xmlns:xi="" href="openssl.xml"/>
62 <xi:include xmlns:xi="" href="p11-kit.xml"/>
63 <xi:include xmlns:xi="" href="polkit.xml"/>
64 <xi:include xmlns:xi="" href="shadow.xml"/>
65 <xi:include xmlns:xi="" href="ssh-askpass.xml"/>
66 <xi:include xmlns:xi="" href="stunnel.xml"/>
67 <xi:include xmlns:xi="" href="sudo.xml"/>
68 <xi:include xmlns:xi="" href="tripwire.xml"/>
Note: See TracBrowser for help on using the repository browser.