From owner-cvs-all Sun Jul 14 9:35:21 2002
Delivered-To: cvs-all@freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 271EF37B401;
	Sun, 14 Jul 2002 09:35:15 -0700 (PDT)
Received: from fledge.watson.org (fledge.watson.org [204.156.12.50])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 7A48143E3B;
	Sun, 14 Jul 2002 09:35:14 -0700 (PDT)
	(envelope-from robert@fledge.watson.org)
Received: from fledge.watson.org (fledge.pr.watson.org [192.0.2.3])
	by fledge.watson.org (8.12.4/8.12.4) with SMTP id g6EGZ9bM026448;
	Sun, 14 Jul 2002 12:35:09 -0400 (EDT)
	(envelope-from robert@fledge.watson.org)
Date: Sun, 14 Jul 2002 12:35:09 -0400 (EDT)
From: Robert Watson
X-Sender: robert@fledge.watson.org
To: Luigi Rizzo
Cc: Giorgos Keramidas, cvs-committers@FreeBSD.ORG, cvs-all@FreeBSD.ORG
Subject: Re: cvs commit: src/usr.bin/talk display.c talk.1 talk.c
In-Reply-To: <20020714093012.D74633@iguana.icir.org>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-cvs-all@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

On Sun, 14 Jul 2002, Luigi Rizzo wrote:

> On Sun, Jul 14, 2002 at 12:14:35PM -0400, Robert Watson wrote:
> ...
> > FreeBSD 5.0-CURRENT supports 'security.bsd.bsd_see_other_uids' which
> > limits the flow of inter-user information.  Try setting it to 0 sometime.
>
> OK, I also learned that there is a similar option under -stable (with a
> different name of course :) ), but the problem is that both default to 1
> ("we live in a nice world")

The setting in -STABLE doesn't limit procfs or socket information sharing,
and so isn't a complete solution.  In fact, it was recently posted to
bugtraq for having its documented behavior (which seemed a bit weak to
me).  The -CURRENT solution is much more comprehensive.
> I'd suggest setting the default to 0 in -current, also to give some time
> to realize how much breakage this could cause in users' scripts and the
> like.

This was discussed at one point, and my impression was that people didn't
like the idea.  The MAC module implementing the same behavior actually
supports a notion of exemption, so if we were to default it to on, a
recent behavior would be to exempt members of the operator group.

Robert N M Watson             FreeBSD Core Team, TrustedBSD Projects
robert@fledge.watson.org      Network Associates Laboratories
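Added example, not code from this thread or from the FreeBSD source tree: a small POSIX sh audit for the knob under discussion, with an idempotent way to persist the hardened value in sysctl.conf. It assumes the sysctl as shipped in 5.0-CURRENT is named security.bsd.see_other_uids (the quoted message writes it with an extra 'bsd_' prefix), that 1 is the shipped "nice world" default under which unprivileged users see other users' processes, and that 0 hides them. The sysctl(8) output and sysctl.conf contents it is exercised with are constructed. The differently named -STABLE knob and the operator-group exemption of the MAC module are not modelled; the script only reports what the base sysctl says.

```shell
#!/bin/sh
# Added example, not code from the thread or from FreeBSD: audit and
# persist the security.bsd.see_other_uids knob.
# Assumption: the knob is named security.bsd.see_other_uids, and
# 1 (the shipped default) lets unprivileged users see other users'
# processes while 0 hides them.

# audit_see_other_uids: takes sysctl(8)-style "name: value" text in $1
# and prints a single OK / WEAK / UNKNOWN verdict line for the knob.
audit_see_other_uids() {
    printf '%s\n' "$1" | awk '
        $1 == "security.bsd.see_other_uids:" {
            seen = 1
            if ($2 == "0")
                print "OK security.bsd.see_other_uids=0: unprivileged users see only their own processes"
            else
                print "WEAK security.bsd.see_other_uids=" $2 ": process information is visible across users (shipped default)"
        }
        END {
            if (!seen)
                print "UNKNOWN security.bsd.see_other_uids not reported by this kernel"
        }'
}

# set_sysctl_conf_value: takes sysctl.conf text in $1, a knob name in $2
# and a value in $3; prints the text with the knob's line replaced, or
# appended if absent, so rerunning it is idempotent.  Only the plain
# "knob=value" form (no spaces around '=') is recognised.
set_sysctl_conf_value() {
    printf '%s\n' "$1" | awk -v k="$2" -v v="$3" '
        index($0, k "=") == 1 { print k "=" v; done = 1; next }
        { print }
        END { if (!done) print k "=" v }'
}

# Live check, only where the knob exists (a FreeBSD 5.x or later kernel);
# harmless on any other system.
if sysctl -n security.bsd.see_other_uids >/dev/null 2>&1; then
    audit_see_other_uids "$(sysctl security.bsd.see_other_uids)"
    # To apply as root:   sysctl security.bsd.see_other_uids=0
    # To persist across reboots, rewrite /etc/sysctl.conf, e.g.:
    #   set_sysctl_conf_value "$(cat /etc/sysctl.conf)" \
    #       security.bsd.see_other_uids 0 > /etc/sysctl.conf.new
fi
```

After setting the knob to 0, the quickest confirmation is to run ps(1) as an unprivileged user and check that only that user's own processes are listed; a root shell still sees everything, so the check has to be done from the account you expect to be restricted.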