From owner-freebsd-security Wed Feb 3 08:18:15 1999 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id IAA02700 for freebsd-security-outgoing; Wed, 3 Feb 1999 08:18:15 -0800 (PST) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from mtiwmhc05.worldnet.att.net (mtiwmhc05.worldnet.att.net [204.127.131.40]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id IAA02693; Wed, 3 Feb 1999 08:18:12 -0800 (PST) (envelope-from gryphon@healer.com) Received: from healer.com ([12.77.216.204]) by mtiwmhc05.worldnet.att.net (InterMail v03.02.07 118 124) with ESMTP id <19990203161810.ITMS11325@healer.com>; Wed, 3 Feb 1999 16:18:10 +0000 Message-ID: <36B8A52C.87FC356@healer.com> Date: Wed, 03 Feb 1999 11:36:12 -0800 From: Coranth Gryphon X-Mailer: Mozilla 4.05 [en] (Win95; U) MIME-Version: 1.0 To: "Jordan K. Hubbard" CC: Garrett Wollman , Matthew Dillon , "Jonathan M. Bresler" , woodford@cc181716-a.hwrd1.md.home.com, security@FreeBSD.ORG Subject: Re: tcpdump References: <10089.918017944@zippy.cdrom.com> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Perhaps it's worth revisting the GENERIC issue from another direction. What if FreeBSD shipped with two pre-built kernels, one with most of the options (LKM, BPF, etc) turned on by default and the other reasonable locked down (ie SECURE). Seems to me that most people fall within one camp or the other. This would allow people to choose which 'version' they prefer without having to recompile an entire new kernel. -coranth To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message