From: Bartłomiej Rutkowski
Date: Wed, 22 Feb 2017 07:48:52 +0000
Subject: Re: svn commit: r314036 - head/usr.sbin/bsdinstall/scripts
To: Alexey Dokuchaev, Eric Badger, Bartek Rutkowski, src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org

On Wed, Feb 22, 2017 at 7:07 AM, Joel Dahl wrote:

> On Tue, Feb 21, 2017 at 02:40:02PM +0000, Alexey Dokuchaev wrote:
> > On Tue, Feb 21, 2017 at 08:34:29AM -0600, Eric Badger wrote:
> > > Thanks for working on making it easier to harden FreeBSD. While
> > > defaulting some of these options to "on" seems pretty harmless (e.g.
> > > random_pid), others are likely to cause confusion for new and
> > > experienced users alike (e.g. proc_debug. I've never used that option
> > > before, so I gave it a try. It simply causes gdb to hang when attempting
> > > to start a process, with no obvious indication of why).
> >
> > I concur. In fact, harmless knobs should probably be turned on by default
> > in FreeBSD itself (i.e., without any "hardening" help from the installer),
> > while more intrusive ones should be opt-in, not opt-out.
>
> I agree. Can we back this out and discuss it on current@?
>

With all due respect, I would rather not. The only reason is that it's been
discussed so many times over the years and none of the discussions ended up
in anything improving the security of the OS, and this is exactly why I took
the action and started introducing the hardening options to the bsdinstall.
Mind, you can always disable them, they won't be enabled in base OS for a
while, and this is the best way to assert whether they do have any negative
impact. They've been around as OFF by default since 11.0-R and so far no one
has complained.

Kind regards,
Bartek Rutkowski