Date: Sat, 18 Sep 1999 00:11:35 -0700 (PDT) From: "Rodney W. Grimes" <freebsd@gndrsh.dnsmgr.net> To: wes@softweyr.com (Wes Peters) Cc: imp@village.org (Warner Losh), brett@lariat.org (Brett Glass), security@FreeBSD.ORG Subject: Re: BPF on in 3.3-RC GENERIC kernel Message-ID: <199909180711.AAA50768@gndrsh.dnsmgr.net> In-Reply-To: <37E33885.B2B42D8C@softweyr.com> from Wes Peters at "Sep 18, 1999 01:00:21 am"
next in thread | previous in thread | raw e-mail | index | archive | help
> Warner Losh wrote: > > > > In message <37E32365.B9F9573B@softweyr.com> Wes Peters writes: > > : Worked for me. A well-written, accurate analogy too. > > > > I'll have to try again later... I'd be very interested in this. I > > personally think that schg is useful against accidental mistakes, but > > flawed in implementation. > > Agreed. It's a good tool, but isn't going to stop somebody who's both > clever and dedicated. A similar facility in VMS didn't stop Kevin > Mittnick from stealing the VMS source code from my ex-boss. ;^) But SYS$AUDIT would have at least let him know it was stolen :-). And perhaps alerted him before Kevin got out the door with the tape. > > > Although some of that may be due to inperfections in /etc/rc and > > friends. > > I think a lot of the system startup just happened, rather than being > designed from a security standpoint. I'm attempting to land myself a > job where I would be paid to fix this, among other things. I'll let > you all know if/when it happens. 99% of most OS's ``just happen'' without concern for secuirity. And good luck on that new work load your digging yourself in for!! -- Rod Grimes - KD7CAX - (RWG25) rgrimes@gndrsh.dnsmgr.net To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199909180711.AAA50768>