From owner-freebsd-stable Mon Sep 6 12:35:39 1999
Delivered-To: freebsd-stable@freebsd.org
Received: from shattered.disturbed.net (shattered.disturbed.net [205.236.147.18])
    by hub.freebsd.org (Postfix) with ESMTP id 6C0BF15527
    for ; Mon, 6 Sep 1999 12:35:35 -0700 (PDT)
    (envelope-from veers@disturbed.net)
Received: from shattered.disturbed.net ([205.236.147.18]:49412 "EHLO shattered.disturbed.net")
    by disturbed.net with ESMTP id ; Mon, 6 Sep 1999 15:35:17 -0400
Date: Mon, 6 Sep 1999 15:35:16 -0400 (EDT)
From: Alex Perel
To: Brad Knowles
Cc: Dag-Erling Smorgrav , Pascal Hofstee , freebsd-stable@FreeBSD.ORG
Subject: Re: softupdates in latest build?
In-Reply-To:
Message-ID:
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-stable@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

On Mon, 6 Sep 1999, Brad Knowles wrote:

[ -questions removed from CC list ]

> And as any lawyer can tell you, this doesn't mean anything. The
> sharks are slobbering all over themselves to nail Microsoft over the
> recent problems with hotmail, and FreeBSD Inc. could very easily be
> setting themselves up for a similar lawsuit. Especially since this
> was a change that was not very widely announced (I sure didn't see
> anything even in /usr/src/UPDATING, much less on any other web pages
> or anything else I've read so far), and this is a negative change
> from previous behaviour.

Show me your credentials as a lawyer. Don't you think that in all the
time since the BSD license was first written, a lawyer has not read it?
Do you really believe that it is simply there to deter the stupid and
incompetent?

> Furthermore, this is built into the GENERIC kernel (and turned on
> by default), and we all know that the vast majority of sites will
> never figure out how to build their own kernel, nor will they have
> any real use for this feature.

What you are missing here is that the people who do this are often the
same people who type their root passwords over telnet.
The FreeBSD project CANNOT be expected to dumb the system down and
remove features for the sake of preventing one particular type of
exploit. Not to mention that this one exploit is only even an issue
once the perpetrator has penetrated the system to the point of becoming
superuser. By that point, you have much bigger problems.

Security is up to the admin. An admin who is not security-conscientious
deserves everything he gets. An admin who does not bother to recompile
his kernel for his specific system out of laziness also deserves
everything he gets. An admin who compromises his system by typing his
root password over an unencrypted link should not complain that his own
system is violated.

And let's not forget that BPF is needed by a whole slew of applications.
Need examples? How about dhcp? tcpdump? various traffic monitoring
software? Why golly, let me see! I've got bpf enabled on each and every
one of the machines I admin simply because I find it an invaluable tool
for debugging network problems. Where would we be without tcpdump? Hmm?

> Once on a box, it's trivially easy to get root. In fact, with
> various rootkits lying around, it's easy to do this programmatically
> and gain root access to hundreds, thousands, tens of thousands of
> machines in just a few minutes.

What? Are you from the same planet as the rest of us? Show me a single
effective rootkit for a -stable system that will work, consistently,
when the admin takes even the most rudimentary measures to prevent
exploitation. Like I said above, security is up to the admin. If the
admin cannot adequately manage his system and gets cracked, the admin
is to blame. Not the operating system, and certainly not the Berkeley
Packet Filter.

> However, it might be a bit more difficult to script creating and
> installing a new kernel to turn on the ability for people to do
> password sniffing.
> If this feature isn't enabled by default, you at
> least have the chance that it would be more noticeable for them to
> build and install a new sniffing-capable kernel, and increase the
> chance by just that smidgen more that people would actually see
> anomalous behaviour when their machines are compromised, and
> potentially be capable of preventing further damage to their networks
> and systems.

Huh?

# echo 'pseudo-device bpf' >> MYKERNEL
# config MYKERNEL
etc.

And what are you going to do when bpf becomes a KLD? Scream and shout
that KLDs are evil because they let a cracker who obtained superuser
privilege to load BPF support?

Alex G. Perel -=- AP5081
veers@disturbed.net -=- veers@samurai.com
Disturbed Networks - Powered exclusively by FreeBSD
== The Power to Serve -=- http://www.freebsd.org/

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message