summaryrefslogtreecommitdiffstats
path: root/wiki/src/blueprint/blacklist_modules.mdwn
diff options
context:
space:
mode:
author127.0.0.1 <127.0.0.1@web>2015-01-07 17:53:40 +0100
committeramnesia <webmaster@amnesia.boum.org>2015-01-07 17:53:40 +0100
commit021da4794b5bf668690c0c2c60318bb0f411cb41 (patch)
treeed42f536f4bdd34fb6511c3a53863eb5f4ae69bc /wiki/src/blueprint/blacklist_modules.mdwn
parent035b72050711b85756f73828e505f5eadd35b4f6 (diff)
added additional information
Diffstat (limited to 'wiki/src/blueprint/blacklist_modules.mdwn')
-rw-r--r--wiki/src/blueprint/blacklist_modules.mdwn10
1 files changed, 10 insertions, 0 deletions
diff --git a/wiki/src/blueprint/blacklist_modules.mdwn b/wiki/src/blueprint/blacklist_modules.mdwn
index e49e0a5..7d1e833 100644
--- a/wiki/src/blueprint/blacklist_modules.mdwn
+++ b/wiki/src/blueprint/blacklist_modules.mdwn
@@ -1,5 +1,8 @@
[[!toc levels=2]]
+Debian ships a long list of modules for wide support of devices, filesystems, protocols. Some of these modules have a pretty bad security track record, and some of those are simply not used by most of our users.
+
+Other distributions like Ubuntu[1] and Fedora[2] already ship a blacklist for various network protocols which aren't much in use by users and have a poor security track record.
Corresponding tickets:
* [[!tails_ticket 7575]]
@@ -20,3 +23,10 @@ Modules to remove
* p8023: [[!wikipedia Ethernet_frame#Novell_raw_IEEE_802.3]], was used by Novel NetWare until the mid-nineties; **FIXME: explanation**
* llc: (ANSI/IEEE 802.2 LLC type 2 Support, [[!wikipedia IEEE_802.2]] **FIXME: explanation**
* p8022: [[!wikipedia IEEE_802.2]] **FIXME: explanation**
+* decnet: The Linux DECnet Network Protocol FIXME: explanation
+* econet: FIXME: explanation
+* netrom: The amateur radio NET/ROM network and transport layer protocol FIXME: explanation
+* af_802154: FIXME: explanation
+
+[1] https://wiki.ubuntu.com/Security/Features#blacklist-rare-net
+[2] https://fedoraproject.org/wiki/Security_Features_Matrix#Blacklist_Rare_Protocols