From owner-freebsd-stable Wed Jan 30 21:28:44 2002 Delivered-To: freebsd-stable@freebsd.org Received: from mail.rpi.edu (mail.rpi.edu [128.113.22.40]) by hub.freebsd.org (Postfix) with ESMTP id 77A2237B400 for ; Wed, 30 Jan 2002 21:28:37 -0800 (PST) Received: from [128.113.24.47] (gilead.acs.rpi.edu [128.113.24.47]) by mail.rpi.edu (8.11.3/8.11.3) with ESMTP id g0V5SYJ70456; Thu, 31 Jan 2002 00:28:34 -0500 Mime-Version: 1.0 X-Sender: drosih@mail.rpi.edu Message-Id: In-Reply-To: <20020130225454.A48040@hellblazer.nectar.cc> References: <200201310042.g0V0g3255325@apollo.backplane.com> <20020130202356.A47852@hellblazer.nectar.cc> <20020130225454.A48040@hellblazer.nectar.cc> Date: Thu, 31 Jan 2002 00:28:33 -0500 To: "Jacques A. Vidrine" From: Garance A Drosihn Subject: Re: Proposed Solution To Recent "firewall_enable" Thread. [Please Read] Cc: Matthew Dillon , freebsd-stable@FreeBSD.ORG Content-Type: text/plain; charset="us-ascii" ; format="flowed" X-Scanned-By: MIMEDefang 2.3 (www dot roaringpenguin dot com slash mimedefang) Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG At 10:54 PM -0600 1/30/02, Jacques A. Vidrine wrote: >On Wed, Jan 30, 2002 at 11:21:49PM -0500, Garance A Drosihn wrote: > > If anyone sees that change go by in mergemaster, and they do depend >> on the present behavior, and those comments (or something better >> than those) do not ring an alarm in their heads, then I would be >> either surprised or disturbed. >> >> Maybe even this is too drastic a change for -stable, although I'd >> it would work. > >No, it won't work. Joe Experienced will configure a new system >based on FreeBSD 4.N, and configure `firewall_enable=NO' as he has >always done in the past. But WHAM the behavior of this new system >is drastically different from any previous FreeBSD release that had >a firewall_enable knob. He has no firewall at all, rather than a >firewall which he configured by whatever mechanism. Okay, I can understand that concern. This person could perhaps be saved by having a message print out on the console when firewall is turned off. (ie, if the kernel has a firewall and firewall_enable=no). I would expect a message to console for that anyway. Hell, maybe even write a message every time a person logs into the console, if the firewall was turned off by rc.conf and if it is still off at the time the person logs in. I am not trying to beat a dead horse here, but I will point out that any person who *meant* to disable all network access must be sitting at the console of the machine. We *can* do something to help that person out. But if a person turns on firewall_enable because they expected *no* firewall, then they might not be anywhere near the machine -- because they did not think they needed to be. We can't do anything to help that person once the mistake is made. That is why I still want to suggest some alternatives, even though many people are probably sick of the thread. >In general, it is a bad idea to change the semantics of a system >setting. Notice that when it was determined that we needed a setting >for outbound-only sendmail, that we didn't change the semantics of >`sendmail_enable'. I agree that it is usually a bad idea to make such a change, but in this case I think an exception to that rule would be reasonable. However, I would not object to the change only being made to current, if people do not believe my suggestions will address the concerns of making such a change to stable. Again, I feel a little bad to be extending a thread which has obviously gone on long enough to be annoying to most people, but I still believe a workable and acceptable (to everyone) solution could be found. -- Garance Alistair Drosehn = gad@eclipse.acs.rpi.edu Senior Systems Programmer or gad@freebsd.org Rensselaer Polytechnic Institute or drosih@rpi.edu To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message