From owner-cvs-all  Thu Aug 23 11:19:36 2001
Delivered-To: cvs-all@freebsd.org
Received: from niwun.pair.com (niwun.pair.com [209.68.2.70])
	by hub.freebsd.org (Postfix) with SMTP id 9B14837B409
	for <cvs-all@FreeBSD.ORG>; Thu, 23 Aug 2001 11:19:23 -0700 (PDT)
	(envelope-from silby@silby.com)
Received: (qmail 50591 invoked by uid 3193); 23 Aug 2001 18:19:21 -0000
Received: from localhost (sendmail-bs@127.0.0.1)
  by localhost with SMTP; 23 Aug 2001 18:19:21 -0000
Date: Thu, 23 Aug 2001 14:19:21 -0400 (EDT)
From: Mike Silbersack <silby@silby.com>
X-Sender:  <silby@niwun.pair.com>
To: Brian Somers <brian@Awfulhak.org>
Cc: Matt Dillon <dillon@earth.backplane.com>,
	Chris Dillon <cdillon@wolves.k12.mo.us>,
	"Andrey A. Chernov" <ache@nagual.pp.ru>,
	Jun Kuriyama <kuriyama@imgsrc.co.jp>, <cvs-committers@FreeBSD.ORG>,
	<cvs-all@FreeBSD.ORG>, <brian@freebsd-services.com>
Subject: Re: cvs commit: src/etc/defaults rc.conf src/etc/mtree BSD.var.dist
 src/etc/namedb named.conf 
In-Reply-To: <200108231756.f7NHu3g82765@hak.lan.Awfulhak.org>
Message-ID: <Pine.BSF.4.30.0108231414260.29579-100000@niwun.pair.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-cvs-all@FreeBSD.ORG
Precedence: bulk
List-ID: <cvs-all.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20cvs-all>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20cvs-all>
X-Loop: FreeBSD.ORG


On Thu, 23 Aug 2001, Brian Somers wrote:

> >     As long as people follow the instructions when setting up secondariese,
> >     the sandbox will 'just work'.  I think this is doable and reasonable,
> >     and I also think that since -stable is going to be with us for a long time
> >     we should seriously consider MFCing these changes.
>
> I'd have to object to any such MFC.  It'll break peoples name servers
> and that's unacceptable in -stable.

Ok, how about if a more relaxed approach is taken:

1.  Sandboxing becomes default in -current.
2.  rc.conf is amended with some fancy shell scripting that mails root and
says "You're not using sandboxing!  Read this url and figure it out, it
will be the default in 4.5"
3.  Sandboxing becomes default in 4.5.

I'm sure this would annoy some people, but it would be a good step forward
in proactive security.

The only problem I see is that I'm terrible at shell scripting, someone
else would have to do the above. :)

Mike "Silby" Silbersack


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message