From owner-freebsd-security  Thu Apr 16 21:54:42 1998
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id VAA17087
          for freebsd-security-outgoing; Thu, 16 Apr 1998 21:54:42 -0700 (PDT)
          (envelope-from owner-freebsd-security@FreeBSD.ORG)
Received: from mph124.rh.psu.edu (mph@MPH124.rh.psu.edu [128.118.126.83])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id EAA17070;
          Fri, 17 Apr 1998 04:54:34 GMT
          (envelope-from mph@mph124.rh.psu.edu)
Received: (from mph@localhost)
	by mph124.rh.psu.edu (8.8.8/8.8.8) id AAA06016;
	Fri, 17 Apr 1998 00:54:09 -0400 (EDT)
	(envelope-from mph)
Message-ID: <19980417005408.08278@mph124.rh.psu.edu>
Date: Fri, 17 Apr 1998 00:54:08 -0400
From: Matthew Hunt <mph@pobox.com>
To: dima@best.net
Cc: stable@FreeBSD.ORG, freebsd-security@FreeBSD.ORG
Subject: Re: kernel permissions
Mail-Followup-To: dima@best.net, stable@FreeBSD.ORG,
	freebsd-security@FreeBSD.ORG
References: <E0yQ0zz-000653-00@set.spradley.tmi.net> <199804170340.UAA12029@burka.rdy.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Mailer: Mutt 0.89i
In-Reply-To: <199804170340.UAA12029@burka.rdy.com>; from Dima Ruban on Thu, Apr 16, 1998 at 08:40:22PM -0700
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk

On Thu, Apr 16, 1998 at 08:40:22PM -0700, Dima Ruban wrote:

> 1. Debugging symbols and symbol table		- user doesn't need that.
> 2. Possible kernel configuration		- questionable.
> 3. Kernel namelist				- user doesn't need that.
> 4. Kernel copy with possible commercial stuff	- user doesn't need that.
> 5. Kernel copy with possible restricted/crypto	- user doesn't need that.

My complaint, and I think the general complaint of people disagreeing
with you, is that you are not setting policy at your site, you are
setting policy on all FreeBSD boxes, as-shipped.

Why are you in a position to decide what users, at thousands of sites
besides your own, do or do not need to know?  Many of the arguments
you have made could be applied to making /bin/ls mode 111 as well,
since nobody *needs* to look at that.

There is a heritage, or intertia, that says we should keep things like
they are, unless there is a clear reason to do otherwise.  You,
therefore, are the one in the position to justify the change, and it
does not seem to me like you have done so.

My $0.02.

-- 
Matthew Hunt <mph@pobox.com> * Stay close to the Vorlon.
http://mph124.rh.psu.edu/~mph/pgp.key for PGP public key 0x67203349.

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe security" in the body of the message