From: Allan Jude
Date: Wed, 22 Feb 2017 14:23:26 -0500
Subject: Re: svn commit: r314036 - head/usr.sbin/bsdinstall/scripts
To: cem@freebsd.org, Slawa Olhovchenkov
Cc: Bartłomiej Rutkowski, src-committers, svn-src-all@freebsd.org, svn-src-head@freebsd.org
Message-ID: <457783d7-def2-3970-f180-58697a156423@freebsd.org>

On 2017-02-22 13:13, Conrad Meyer wrote:
> On Wed, Feb 22, 2017 at 10:05 AM, Slawa Olhovchenkov wrote:
>> On Wed, Feb 22, 2017 at 08:11:14AM -0800, Conrad Meyer wrote:
>>
>>> On Wed, Feb 22, 2017 at 3:23 AM, Joel Dahl wrote:
>>>> On Wed, Feb 22, 2017 at 07:56:52AM +0000, Bartłomiej Rutkowski wrote:
>>>>> I strongly believe we should, by default, ship as secured and hardened as
>>>>> possible in order to improve overall security of new users' installations.
>>>>> Power users will and do change the OS as they please, they most likely
>>>>> don't use bsdinstall in first place, so they're not affected in any way.
>>>>
>>>> Sorry, I strongly disagree with that. I'm most likely a "power user" and I use
>>>> bsdinstall.
>>>
>>> Ditto. I'm also unfamiliar enough with the installer to trip on this
>>> kind of thing. Slawa's proposed "disable all" option would be fine.
>>
>> My English not enough fluent for more explicate proposal, from my
>> point most of this options do hardened in only limited cases, for
>> other cases same options do system more un-hardened by force working
>> as root. Some have unevident effects (/tmp cleaning, for example).
>
> Yep. I am not concerned about disabling sendmail or remote syslog by
> default, though.
>
>> For many users this options will be source of weird issues (gdb don't
>> work? fucking ugly freebsd! migrate to linux).
>
> Yeah, I am concerned about this too. (Also: "ps doesn't work" would
> be a big newbie sysadmin headache.)
>
>> This is evil trend of enforcing weird solutions under the auspices of
>> 'my safety': airport security check, background check on every point,
>> lawful intercept, block access to hardware management in safety
>> environment by 'leak encryption'. I am enough smart for self-sufficient
>> security risk assessment!
>>
>> Industry already have at some "hardened" BSD: OpenBSD and HardenedBSD.
>> What about market share?
>
> Best,
> Conrad
>

Yeah, I think a number of these options are good, but a bunch are no go.
I do not want something deleting my files from /tmp unexpectedly. TrueOS
has that on by default, and it has eaten useful files a few too many times.

Breaking gdb should NOT be on by default either.

For some of the others, having them on by default in bsdinstall might be
a good way to 'test' the features under a wider user load, before we
switch the defaults for the sysctls.

-- 
Allan Jude