From: Bartłomiej Rutkowski
Date: Wed, 22 Feb 2017 07:48:52 +0000
Subject: Re: svn commit: r314036 - head/usr.sbin/bsdinstall/scripts
To: Alexey Dokuchaev, Eric Badger, Bartek Rutkowski, src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org

On Wed, Feb 22, 2017 at 7:07 AM, Joel Dahl wrote:

> On Tue, Feb 21, 2017 at 02:40:02PM +0000, Alexey Dokuchaev wrote:
> > On Tue, Feb 21, 2017 at 08:34:29AM -0600, Eric Badger wrote:
> > > Thanks for working on making it easier to harden FreeBSD. While
> > > defaulting some of these options to "on" seems pretty harmless (e.g.
> > > random_pid), others are likely to cause confusion for new and
> > > experienced users alike (e.g. proc_debug. I've never used that option
> > > before, so I gave it a try. It simply causes gdb to hang when attempting
> > > to start a process, with no obvious indication of why).
> >
> > I concur. In fact, harmless knobs should probably be turned on by default
> > in FreeBSD itself (i.e., without any "hardening" help from the installer),
> > while more intrusive ones should be opt-in, not opt-out.
>
> I agree. Can we back this out and discuss it on current@?

With all due respect, I would rather not. The only reason is that it's been discussed so many times over the years and none of the discussions ended up in anything improving the security of the OS and this is exactly why I took the action and started introducing the hardening options to the bsdinstall. Mind, you can always disable them, they won't be enabled in base OS for a while and this is the best way to assert whether they do have any negative impact. They've been around as OFF by default since 11.0-R and so far no one complained.

Kind regards,
Bartek Rutkowski