Date: Tue, 04 Apr 1995 00:06:51 -0700 From: "Jordan K. Hubbard" <jkh@freefall.cdrom.com> To: Scott Mace <smace@metal-mail.neosoft.com> Cc: current@FreeBSD.org Subject: Re: a few patches... Message-ID: <5522.796979211@freefall.cdrom.com> In-Reply-To: Your message of "Mon, 03 Apr 95 17:04:47 MDT." <199504032304.RAA00336@metal.ops.neosoft.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> I would like to add a config option to enable as disable securelevel. > the securelevel and chflags features are a major security helper IMHO. Are you saying you also want to come up secure? No installing over kernels and things except when up single? Hmmmmm... Hmmmmmmmmmmmmm! David? When did we say we were going to cut over after the "grace period" on this one? :-) Personally, I think it's not a bad idea for 2.1. I think it highly likely that there is already going to be a BIG SIGN saying "READ ALL OF THIS BEFORE PROCEEDING OR DIE!!" (or something to that effect) right at the beginning of 2.1. This file will contain stuff you _really_ want the users to read, for example the fact that system files are immutable by default and, while FAR more secure, not entirely without cost. There would probably be a number of people a lot safer because of it if we made it a default.. > Also, on a totally unrelated note, I've found on at least 2 scsi drives > I've used I need a pause right before the extended probe kicks off. > (bt_inquire_setup_information) The minimal pause I've experimentally > found is DELAY(450000). This is with the bt driver. I've had this patch > in my set of "local" patches forever, but when I brought it up before, > noone wanted it committed. Oh the horrors of yet another pause (which Indeed! The horror! I dunno.. Is this a known catagorical deficiency in certain drives? JOrdan
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5522.796979211>