Topic: e-smith exploits & security

[David Bakody]

Since e-smith is based on Red Hat, Apache, etc, does it share the same default exploits that can be found in those packages?  If so, would one want to follow Red Hat security updates and apply those patches to an e-smith system?

[Charlie Brady]

David Bakody wrote:

> Since e-smith is based on Red Hat, Apache, etc, does it share
> the same default exploits that can be found in those packages?

Only sometimes. Firstly many of the packages from RedHat are not installed on an e-smith server and gateway. Secondly, those packages which are installed may be configured and operated only in ways in which vulnerabilities cannot be exploited - the perl and mailx packages are examples in point. And finally, some security updates have already been applied to the e-smith distribution before it is released.

> If so, would one want to follow Red Hat security updates and
> apply those patches to an e-smith system?

The e-smith team monitors security updates very closely - any necessary updates will be highlighted on the www.e-smith.com site.  Nevertheless you should be able to apply any relevant updates you find if you wish.

Regards

Charlie