From owner-freebsd-security Thu Jun 26 17:31:16 1997 Return-Path: Received: (from root@localhost) by hub.freebsd.org (8.8.5/8.8.5) id RAA22625 for security-outgoing; Thu, 26 Jun 1997 17:31:16 -0700 (PDT) Received: from uucp1.nwnexus.com (uucp1.nwnexus.com [206.63.63.110]) by hub.freebsd.org (8.8.5/8.8.5) with ESMTP id RAA22620 for ; Thu, 26 Jun 1997 17:31:13 -0700 (PDT) Received: from readybox.com (uucp@localhost) by uucp1.nwnexus.com (8.8.5/8.8.5) with UUCP id RAA28600 for freebsd-security@freebsd.org; Thu, 26 Jun 1997 17:31:12 -0700 (PDT) Received: (from gfm@localhost) by angel.readybox.com (8.6.8/8.6.6) id RAA12178 for freebsd-security@freebsd.org; Thu, 26 Jun 1997 17:29:46 -0700 Date: Thu, 26 Jun 1997 17:29:46 -0700 From: Frank McCormick Message-Id: <199706270029.RAA12178@angel.readybox.com> To: freebsd-security@freebsd.org Subject: Minimum files for operation Sender: owner-security@freebsd.org X-Loop: FreeBSD.org Precedence: bulk Does anyone know of a list compiled somewhere, naming the handful of files required for minimal operation of FreeBSD? The security-related literature I've been through emphasizes the need to secure the hosts themselves, partly through removing any unneeded files. (If you're running a mail hub, you probably don't need a C compiler. If you are providing only Web service with static pages, you should remove the perl interpreter. And so on.) So what is the truly minimum set of files needed for common server chores? Obviously, everyone needs an init, everyone needs the relevant /dev files, everyone needs cron, etc, etc. Has anyone ever drawn up a list saying, in effect, "For a mail hub, use only these files. For a DNS server, use these"? Frank McCormick