From owner-freebsd-arch  Thu Jul 27  5: 8: 2 2000
Delivered-To: freebsd-arch@freebsd.org
Received: from critter.freebsd.dk (wandering-wizard.cybercity.dk [212.242.43.150])
	by hub.freebsd.org (Postfix) with ESMTP id 3B40A37B738
	for <arch@FreeBSD.ORG>; Thu, 27 Jul 2000 05:07:59 -0700 (PDT)
	(envelope-from phk@critter.freebsd.dk)
Received: from critter.freebsd.dk (localhost [127.0.0.1])
	by critter.freebsd.dk (8.9.3/8.9.3) with ESMTP id JAA00220;
	Thu, 27 Jul 2000 09:30:59 +0200 (CEST)
	(envelope-from phk@critter.freebsd.dk)
To: John Polstra <jdp@polstra.com>
Cc: arch@FreeBSD.ORG
Subject: Re: How much security should ldconfig enforce? 
In-reply-to: Your message of "Wed, 26 Jul 2000 19:36:13 PDT."
             <XFMail.000726193613.jdp@polstra.com> 
Date: Thu, 27 Jul 2000 09:30:58 +0200
Message-ID: <218.964683058@critter.freebsd.dk>
From: Poul-Henning Kamp <phk@critter.freebsd.dk>
Sender: owner-freebsd-arch@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG


>3. It could default to strictly secure but accept a command-line
>option to relax the constraints.  And an rc.conf knob could be added
>to control whether or not it was strict at boot time.
>
>What do you folks think about this?

Following on the "tools, not policy" the 3rd option has support.

--
Poul-Henning Kamp       | UNIX since Zilog Zeus 3.20
phk@FreeBSD.ORG         | TCP/IP since RFC 956
FreeBSD coreteam member | BSD since 4.3-tahoe    
Never attribute to malice what can adequately be explained by incompetence.


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-arch" in the body of the message