Date: Sat, 26 Jul 2003 15:08:48 +0200 From: Paul Schenkeveld <fb-arch@psconsult.nl> To: freebsd-arch@freebsd.org Subject: Re: Things to remove from /rescue Message-ID: <20030726130847.GA42503@psconsult.nl> In-Reply-To: <20030724185933.GC85582@dragon.nuxi.com> References: <20030719171138.GA86442@dragon.nuxi.com> <XFMail.20030721151553.jhb@FreeBSD.org> <20030721202314.GC21068@dragon.nuxi.com> <xzpn0f76i69.fsf@dwp.des.no> <20030722151138.GB72888@dragon.nuxi.com> <20030722153056.GM863@starjuice.net> <20030723002531.GA44452@kokeb.ambesa.net> <20030724185933.GC85582@dragon.nuxi.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, Jul 24, 2003 at 11:59:33AM -0700, David O'Brien wrote: > On Tue, Jul 22, 2003 at 08:25:32PM -0400, Mike Makonnen wrote: > > > b) want to maintain network security while accessing that resource. > > > > What security? There are no network services running in single-user, > > so what is there to secure? > > I'm glad I'm not the only one seeing things this way. I'm not that familiar with -current (still running -stable) but will using /etc/rc.d to initialize your network also enable ipforwarding? In other words, although I'm trying to rescue my firewall, will it act as an open router if /etc/rc.d/* enable forwarding and I can only use a sysctl to open up ipfw so I can reach a remote tape drive? > > I won't complain if it's kept, but I would prefer just the bare minimum > > be kept in /rescue. Once you go beyond that and into "well s/he might > > need..." territory then we might as well throw in everything in the > > base system. IMO, /rescue should be the absolute essentials _only_. > > Instead of theorizing reasons why someone might need ipfw and friends, > > why don't we wait until we get a bug report about a specific situation > > in which it was needed before we put it back in. > > Thank you for expressing this so well. I do think we should wait for > PR's telling real experiences rather than theorizing so much in the "what > if"'s. > > > Also, while you're at it, David, I think you can get rid of rcorder > > as well. I don't know why one would need it to fix a hosed root, > > and besides it's staticaly linked to begin with. > > Will do! :-) Paul Schenkeveld
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030726130847.GA42503>