> I think that it is possible to build a reasonably secure client OS > (AOL-OS) by implementing automatic patching, installing less stuff and > configuring it tighter. If you make a Playskool UI then you don't have to > worry about all the other things that RH (and others) install. Just remove > it and it's headaches. keeping a machine somewhat secure, in the absence of updates, is not entirely impossible. 1. Run _no_ services. no web server, no napster server, no SMB server. turn off ping responses even, if you can get away with it. even without any firewalling, your system is largely a black hole to anyone going looking for it. 2. run a firewall that filters *outgoing* traffic as well as incoming; so that users can't run userspace daemons that listen on the Internet. this way, even if Pa Kettle downloads some malware and causes it to run; it can't set up a way for attackers to get into the system, and may not even be able to get out to tell attackers what it found. 2a. integrating this with a web proxy/dns cache may speed up browsing as well. 3. partition system security levels. this is the part I'm worried about. to make your system work, you *do* need root-level access for some things (interface configuration, etc). obviously a common soldier in the Army Of Lusers (AOL) won't want to type in a password for this stuff; so they may end up with a holey sudo config, or at worst a single-security-level Linux. (some idjit posted a patch to do this not too long ago). it may sound implausible, but wouldn't be the first time that management/marketing FUBARed something incredibly badly. without good controls for root access, malware can do any d**m thing it pleases. 4. audit applications for ability to run malware. web browsers and e-mail clients are the up-and-coming vectors for worms. I expect we'll see a serious vulnerability in Bloatzilla within a year; it's just so blasted *big* and *unnecessarily complex* that it's hard to audit. this is the tough part. it should be noted that AOHell already has an idiot-grade auto-update feature in it's software; so it shouldn't be that difficult to do something similar under AOLinux (security problems aside). the part that *really* worries me, is how AOL/Time Warner/Redhat/Conglom-O will treat the Open Source developers who are currently working for them. Will Alan Cox deal well with being part of the Army Of Lamers plutocracy? what about the others? Carl Soderstrom. -- "All yOur Linux are belong to us!"