Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

>> 1.1.2 Minimize Software to Minimize Vulnerability > >I agree on yum. If the attacker has root and can run yum. It is too late.

You missed the point. More software means a larger attack surface. Minimizing software isn't meant to keep an attacker from installing software, it is meant to keep an attacker from using unmaintained/unneeded software to compromise the box in the first place.



Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: