From owner-freebsd-arch Thu Jul 27 6:39:29 2000 Delivered-To: freebsd-arch@freebsd.org Received: from gw.nectar.com (gw.nectar.com [208.42.49.153]) by hub.freebsd.org (Postfix) with ESMTP id 0AB3737B944 for ; Thu, 27 Jul 2000 06:39:22 -0700 (PDT) (envelope-from nectar@nectar.com) Received: from hamlet.nectar.com (hamlet.nectar.com [10.0.1.102]) by gw.nectar.com (Postfix) with ESMTP id 8534D195F4; Thu, 27 Jul 2000 08:39:20 -0500 (CDT) Received: (from nectar@localhost) by hamlet.nectar.com (8.9.3/8.9.3) id IAA09065; Thu, 27 Jul 2000 08:39:20 -0500 (CDT) (envelope-from nectar@spawn.nectar.com) Date: Thu, 27 Jul 2000 08:39:20 -0500 From: "Jacques A. Vidrine" To: Neil Blakey-Milner Cc: John Polstra , arch@freebsd.org Subject: Re: How much security should ldconfig enforce? Message-ID: <20000727083920.A9036@hamlet.nectar.com> References: <20000727075027.C8974@hamlet.nectar.com> <20000727145247.A46416@mithrandr.moria.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.4i In-Reply-To: <20000727145247.A46416@mithrandr.moria.org>; from nbm@mithrandr.moria.org on Thu, Jul 27, 2000 at 02:52:47PM +0200 X-Url: http://www.nectar.com/ Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Thu, Jul 27, 2000 at 02:52:47PM +0200, Neil Blakey-Milner wrote: > > I like this option, but the knob should be compile-time, IMHO. > > Why? > > You expect someone to check out sources and recompile the program to > make it secure when you can instead use a command line option? No, I expect by default that it be built in secure mode. I expect that if someone wants to shoot herself in the foot, she can twiddle make.conf and rebuild from source to disable this option. -- Jacques Vidrine / n@nectar.com / jvidrine@verio.net / nectar@FreeBSD.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message