From owner-freebsd-security Thu Aug 12 10: 6:24 1999 Delivered-To: freebsd-security@freebsd.org Received: from relay.veriguard.com (relay.securify.com [207.5.63.61]) by hub.freebsd.org (Postfix) with ESMTP id 15D2F1581B for ; Thu, 12 Aug 1999 10:06:12 -0700 (PDT) (envelope-from tomb@securify.com) Received: by relay.veriguard.com; id KAA03199; Thu, 12 Aug 1999 10:05:26 -0700 (PDT) Received: from unknown(10.5.63.6) by relay.veriguard.com via smap (4.1) id xma003195; Thu, 12 Aug 99 10:05:19 -0700 Received: from beetroot.securify.com (beetroot.securify.com [10.5.63.102]) by dude.veriguard.com (8.8.7/8.8.7) with SMTP id KAA02456 for ; Thu, 12 Aug 1999 10:05:18 -0700 Received: by beetroot.securify.com with Microsoft Mail id <01BEE4A8.6FE3EEC0@beetroot.securify.com>; Thu, 12 Aug 1999 09:52:49 -0700 Message-ID: <01BEE4A8.6FE3EEC0@beetroot.securify.com> From: Tom Brown To: "'freebsd-security@freebsd.org'" Subject: "Secure-FreeBSD" Idea Date: Thu, 12 Aug 1999 09:52:48 -0700 MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org HI, Just come back from "websec" which was a bit dull, but I did get the = feeling whilst fighting off the sleep that there is a really good = opening for a quality secure O/S. =20 Now realistically all this would have to be is a really anal = installation process, forcing the user to positively select services = such as ftp,telnet, sendmail etc. So if you don't select anything, you = can't much. It would also have carefully set UMASKS and probably come = with some easy way to get the user to set-up tripwire and ipfw for = example. I suspect that most of the readers of this list spend a fair amount of = time going through the same laborious process of tying down each server = they built. How about we pools this vast collection of procedures = together and try to build some kind of a security release. We all know = (well at least I hope we do!) what a solid O/S FreeBSD is, wouldn't this = be the ideal opportunity, to push the OS further into the public eye? Tom To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message