From owner-freebsd-security Sun Jul 6 14:50:59 1997 Return-Path: Received: (from root@localhost) by hub.freebsd.org (8.8.5/8.8.5) id OAA07552 for security-outgoing; Sun, 6 Jul 1997 14:50:59 -0700 (PDT) Received: (from jmb@localhost) by hub.freebsd.org (8.8.5/8.8.5) id OAA07546; Sun, 6 Jul 1997 14:50:47 -0700 (PDT) From: "Jonathan M. Bresler" Message-Id: <199707062150.OAA07546@hub.freebsd.org> Subject: Re: Security Model/Target for FreeBSD or 4.4? To: jkh@time.cdrom.com (Jordan K. Hubbard) Date: Sun, 6 Jul 1997 14:50:46 -0700 (PDT) Cc: careilly@monoid.cs.tcd.ie, adam@homeport.org, freebsd-security@FreeBSD.ORG In-Reply-To: <13612.868146464@time.cdrom.com> from "Jordan K. Hubbard" at Jul 5, 97 04:47:44 pm X-Mailer: ELM [version 2.4 PL24] Content-Type: text Sender: owner-security@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk Jordan K. Hubbard wrote: > > > I also spent a couple of hours fighting with Alta Vista looking for relevant > > documents and didn't find very much. Any other suggestions? > > /usr/src? :) > > Seriously, I doubt you'll find that anyone has sat down and documented > this aspect of the system specifically. If you want to study the > security implementation in detail, the sources remain the first and > foremost resource. In fact, they probably represent the ONLY resource. > Good luck! in a nutshell, the security model is "you must have permission to do something". the superuser (aka root: uid 0) is can do anything. command audit trail (logging) is not provided. the holes have been in the implementation of that model. the source shows the implementation. which has been of greatly varying quality regarding security. ;( jmb