Date: Sun, 09 Jul 2000 20:37:08 -0400 From: "Jeroen C. van Gelderen" <jeroen@vangelderen.org> To: Alfred Perlstein <bright@wintelcom.net> Cc: Adam <bsdx@looksharp.net>, arch@FreeBSD.ORG Subject: Re: making the snoop device loadable. Message-ID: <39691AB4.BBC85D45@vangelderen.org> References: <17526.963166640@critter.freebsd.dk> <Pine.BSF.4.21.0007091453481.407-100000@turtle.looksharp.net> <20000709120705.Q25571@fw.wintelcom.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Alfred Perlstein wrote: > > * Adam <bsdx@looksharp.net> [000709 11:57] wrote: > > On Sun, 9 Jul 2000, Poul-Henning Kamp wrote: > > > > >In message <Pine.BSF.4.21.0007091411480.407-100000@turtle.looksharp.net>, Adam > > >writes: > > >>On Sun, 9 Jul 2000, Poul-Henning Kamp wrote: > > >> > > >>> > > >>>>If this change goes in, what do you do if you wish not to have snooping > > >>>>capable through the snp device and do not wish to lock unneccessary parts > > >>>>of the system down with securelevel? > > >>> > > >>>You do the same as before: Hold on tight to your root password. > > >> > > >>I dont like kernel changes that make the kernel do less babysitting and me > > >>more. Tough, I guess. > > > > > >You have always needed to babysit your root password. > > > > Ok, I give in to the argument. I would just like to make a wish. On Jan > > 24 1999 peter took the NO_LKM option out of LINT. I assume the support > > for it in other files was removed around that time also. Could someone > > implement a NO_KLD option so you dont need to use securelevel > 0 so > > people have an obvious option and dont have to know the kernel well enough > > to hack syscalls.master? > > More security through obscurity when /dev/mem and /dev/kmem are > accessable. Nope, this is a valid request nonetheless. It doesn't give perfect security but neither does SSH. There is a whole lot more people who can write a kld than there is people that can patch a running kernel trough /dev/mem. Implementing a NO_KLD option would be harmless and have good uses on boxes where the secure level *cannot* be upped. It doesn't affect security negatively if one doesn't use it. It's not up to you to dictate what Adam should do. Neither is it my job to tell you that you must verify all SSH host-key fingerprints before you accept them! > Bite the bullet and up your securelevel! Not a good idea on all systems. Convenience sometimes outweighs security. FreeBSD is about tools, not about policy. Cheers, Jeroen -- Jeroen C. van Gelderen o _ _ _ jeroen@vangelderen.org _o /\_ _ \\o (_)\__/o (_) _< \_ _>(_) (_)/<_ \_| \ _|/' \/ (_)>(_) (_) (_) (_) (_)' _\o_ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?39691AB4.BBC85D45>