From owner-freebsd-security  Wed Feb  3 08:18:15 1999
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id IAA02700
          for freebsd-security-outgoing; Wed, 3 Feb 1999 08:18:15 -0800 (PST)
          (envelope-from owner-freebsd-security@FreeBSD.ORG)
Received: from mtiwmhc05.worldnet.att.net (mtiwmhc05.worldnet.att.net [204.127.131.40])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id IAA02693;
          Wed, 3 Feb 1999 08:18:12 -0800 (PST)
          (envelope-from gryphon@healer.com)
Received: from healer.com ([12.77.216.204]) by mtiwmhc05.worldnet.att.net
          (InterMail v03.02.07 118 124) with ESMTP
          id <19990203161810.ITMS11325@healer.com>;
          Wed, 3 Feb 1999 16:18:10 +0000
Message-ID: <36B8A52C.87FC356@healer.com>
Date: Wed, 03 Feb 1999 11:36:12 -0800
From: Coranth Gryphon <gryphon@healer.com>
X-Mailer: Mozilla 4.05 [en] (Win95; U)
MIME-Version: 1.0
To: "Jordan K. Hubbard" <jkh@zippy.cdrom.com>
CC: Garrett Wollman <wollman@khavrinen.lcs.mit.edu>,
        Matthew Dillon <dillon@apollo.backplane.com>,
        "Jonathan M. Bresler" <jmb@FreeBSD.ORG>,
        woodford@cc181716-a.hwrd1.md.home.com, security@FreeBSD.ORG
Subject: Re: tcpdump
References: <10089.918017944@zippy.cdrom.com>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

Perhaps it's worth revisting the GENERIC issue from another direction.
What if FreeBSD shipped with two pre-built kernels, one with
most of the options (LKM, BPF, etc) turned on by default and
the other reasonable locked down (ie SECURE). 

Seems to me that most people fall within one camp or the other.
This would allow people to choose which 'version' they prefer without
having to recompile an entire new kernel.

-coranth

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message