From owner-freebsd-security Thu Apr 16 22:19:25 1998
Return-Path:
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id WAA20750
          for freebsd-security-outgoing; Thu, 16 Apr 1998 22:19:25 -0700 (PDT)
          (envelope-from owner-freebsd-security@FreeBSD.ORG)
Received: from burka.rdy.com (dima@burka.rdy.com [205.149.163.30])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id FAA20745;
          Fri, 17 Apr 1998 05:19:22 GMT
          (envelope-from dima@burka.rdy.com)
Received: by burka.rdy.com id WAA12540;
          (8.8.8/RDY) Thu, 16 Apr 1998 22:19:21 -0700 (PDT)
Message-Id: <199804170519.WAA12540@burka.rdy.com>
Subject: Re: kernel permissions
In-Reply-To: <19980417005408.08278@mph124.rh.psu.edu> from Matthew Hunt at "Apr 17, 98 00:54:08 am"
To: mph@pobox.com (Matthew Hunt)
Date: Thu, 16 Apr 1998 22:19:21 -0700 (PDT)
Cc: dima@best.net, stable@FreeBSD.ORG, freebsd-security@FreeBSD.ORG
X-Class: Fast
Organization: HackerDome
Reply-To: dima@best.net
From: dima@best.net (Dima Ruban)
X-Mailer: ELM [version 2.4ME+ PL38 (25)]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk

Matthew Hunt writes:
> On Thu, Apr 16, 1998 at 08:40:22PM -0700, Dima Ruban wrote:
>
> > 1. Debugging symbols and symbol table - user doesn't need that.
> > 2. Possible kernel configuration - questionable.
> > 3. Kernel namelist - user doesn't need that.
> > 4. Kernel copy with possible commercial stuff - user doesn't need that.
> > 5. Kernel copy with possible restricted/crypto - user doesn't need that.
>
> My complaint, and I think the general complaint of people disagreeing
> with you, is that you are not setting policy at your site, you are
> setting policy on all FreeBSD boxes, as-shipped.

It's not about setting policy. It's about being reasonable.

> Why are you in a position to decide what users, at thousands of sites
> besides your own, do or do not need to know?  Many of the arguments
> you have made could be applied to making /bin/ls mode 111 as well,
> since nobody *needs* to look at that.

Right. The only difference is - no harm could be done with being able to
read /bin/ls (or possible bad things)

> There is a heritage, or inertia, that says we should keep things like
> they are, unless there is a clear reason to do otherwise.  You,

What heritage? You mean the amount of people who don't want this change?
I can tell you that more people agreed with me in either private email
or responding to the mailing list than disagree.

> therefore, are the one in the position to justify the change, and it
> does not seem to me like you have done so.

Again. There's a difference between "potential problem" and "security hole".
This is not a security hole, but a potential problem (theoretically
possible even).
If this doesn't break anything, why in the hell shouldn't we have it?
"Don't fix that ain't broke" is not an answer.

>
> My $0.02.

I think I've already gone over 10 bucks :-)

>
> --
> Matthew Hunt * Stay close to the Vorlon.
> http://mph124.rh.psu.edu/~mph/pgp.key for PGP public key 0x67203349.
>

-- dima

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe security" in the body of the message