From owner-freebsd-security Tue Aug 27 12:54:19 2002
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3395637B400 for ; Tue, 27 Aug 2002 12:54:16 -0700 (PDT)
Received: from storm.FreeBSD.org.uk (storm.FreeBSD.org.uk [194.242.157.42]) by mx1.FreeBSD.org (Postfix) with ESMTP id 18E8B43E77 for ; Tue, 27 Aug 2002 12:53:10 -0700 (PDT) (envelope-from mark@grimreaper.grondar.org)
Received: from storm.FreeBSD.org.uk (uucp@localhost [127.0.0.1]) by storm.FreeBSD.org.uk (8.12.5/8.12.5) with ESMTP id g7RJPFMA098886; Tue, 27 Aug 2002 20:25:15 +0100 (BST) (envelope-from mark@grimreaper.grondar.org)
Received: (from uucp@localhost) by storm.FreeBSD.org.uk (8.12.5/8.12.5/Submit) with UUCP id g7RJPFpb098885; Tue, 27 Aug 2002 20:25:15 +0100 (BST)
Received: from grimreaper.grondar.org (localhost [127.0.0.1]) by grimreaper.grondar.org (8.12.5/8.12.5) with ESMTP id g7RJLsl5022865; Tue, 27 Aug 2002 20:21:54 +0100 (BST) (envelope-from mark@grimreaper.grondar.org)
Message-Id: <200208271921.g7RJLsl5022865@grimreaper.grondar.org>
To: David Olbersen
Cc: freebsd-security@FreeBSD.ORG
Subject: Re: Ports are insecure?
References: <20020827165347.GA12522@slickness.org>
In-Reply-To: <20020827165347.GA12522@slickness.org>; from David Olbersen "Tue, 27 Aug 2002 09:53:47 PDT."
Date: Tue, 27 Aug 2002 20:21:54 +0100
From: Mark Murray
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID:
List-Archive: (Web Archive)
List-Help: (List Instructions)
List-Subscribe:
List-Unsubscribe:
X-Loop: FreeBSD.org

> How exactly does that work? Is this based in the idea that nearly
> anybody can contribute a port, but the core system is reviewed by a
> team?

I'm not sure where you read this, but as a general security principle, this is true. The more you run, the more there is to go wrong and the more there is to exploit.
In practical terms, run regular audits of your machine (look at the output of "netstat -an", "sockstat" and so on) and try to understand your own environment. Understand that the prime question is not "Am I being paranoid?", but "Am I being paranoid _Enough_?"

> And, if I'm to believe this and limit my use of ports, doesn't that mean
> I'll be doing a lot of build-worlding to update specific applications?

There is no silver bullet, there is no algorithm. Swallow a paranoia-pill and start hunting. What you do on your own nets is your business - take charge.

M

(Any volunteers to maintain a FAQ? This is a doozy.)

--
o Mark Murray
\_
O.\_ Warning: this .sig is umop ap!sdn

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
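The "regular audits" advice above is easy to turn into a repeatable check: record which sockets you have consciously decided to expose, then compare every later `netstat -an` run against that baseline and report anything new. The script below is an added example, not code from Mark Murray's message or from the FreeBSD project. It parses FreeBSD-style `netstat -an -f inet` output; the `SAMPLE_NETSTAT` text is a constructed sample embedded so the script runs offline, and the `BASELINE` list is a hypothetical allowlist that you would edit for your own host.

```shell
#!/bin/sh
# Listening-socket audit against a known baseline (added example).
# Parses FreeBSD-style `netstat -an -f inet` output.

# Constructed sample of `netstat -an -f inet` output; not a real capture.
SAMPLE_NETSTAT='Active Internet connections (including servers)
Proto Recv-Q Send-Q Local Address          Foreign Address        (state)
tcp4       0      0 *.22                   *.*                    LISTEN
tcp4       0      0 127.0.0.1.25           *.*                    LISTEN
tcp4       0      0 *.6000                 *.*                    LISTEN
tcp4       0      0 192.0.2.10.22          198.51.100.7.51234     ESTABLISHED
udp4       0      0 *.514                  *.*'

# Hypothetical baseline: the sockets you have decided this host should expose.
# Format is "proto:local-address", matching what listeners() prints.
BASELINE="tcp4:*.22 tcp4:127.0.0.1.25"

# listeners: read netstat output on stdin, print "proto:local-address" for
# every TCP socket in LISTEN state and every bound UDP socket (UDP has no
# state column, so any bound UDP socket is a listener).
listeners() {
    awk '
        $1 ~ /^tcp/ && $6 == "LISTEN" { print $1 ":" $4 }
        $1 ~ /^udp/                   { print $1 ":" $4 }
    '
}

# unexpected: read "proto:local-address" lines on stdin and print those that
# are absent from the space-separated baseline given as $1.
unexpected() {
    baseline="$1"
    while read -r entry; do
        case " $baseline " in
            *" $entry "*) ;;        # known and accepted, stay quiet
            *) echo "$entry" ;;     # not in the baseline: investigate it
        esac
    done
}

# audit: run the check over the embedded sample (what the test exercises).
audit() {
    printf '%s\n' "$SAMPLE_NETSTAT" | listeners | unexpected "$BASELINE"
}

# audit_live: the same check against the running system (not run here).
audit_live() {
    netstat -an -f inet | listeners | unexpected "$BASELINE"
}

audit
```

On the sample, `audit` reports `tcp4:*.6000` and `udp4:*.514`: the X11 port and the syslog UDP socket are bound but not in the baseline, so they are exactly the things the post tells you to go and understand. Running `audit_live` from cron and mailing any non-empty output to yourself gives a cheap, host-local detector for services that appear without your say-so, which is the point of the "am I being paranoid enough" question.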