From owner-freebsd-security  Sat Oct 16  2:48:24 1999
Delivered-To: freebsd-security@freebsd.org
Received: from fever.semiotek.com (H253.C225.tor.velocet.net [216.126.82.253])
	by hub.freebsd.org (Postfix) with ESMTP id EB6FD1543D
	for <freebsd-security@FreeBSD.ORG>; Sat, 16 Oct 1999 02:48:21 -0700 (PDT)
	(envelope-from jread@fever.semiotek.com)
Received: (from jread@localhost)
	by fever.semiotek.com (8.9.3/8.9.3) id FAA48562;
	Sat, 16 Oct 1999 05:47:52 -0400 (EDT)
	(envelope-from jread)
Date: Sat, 16 Oct 1999 05:47:52 -0400
From: Justin Wells <jread@semiotek.com>
To: Mike Nowlin <mike@argos.org>
Cc: Steve Reid <sreid@sea-to-sky.net>,
	"Rashid N. Achilov" <shelton@sentry.granch.ru>,
	freebsd-security@FreeBSD.ORG
Subject: Re: kern.securelevel and X
Message-ID: <19991016054752.A48505@fever.semiotek.com>
References: <19991015133335.A410@grok.localnet> <Pine.LNX.4.05.9910160444510.25028-100000@jason.argos.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Mailer: Mutt 1.0pre3i
In-Reply-To: <Pine.LNX.4.05.9910160444510.25028-100000@jason.argos.org>
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org


On Sat, Oct 16, 1999 at 04:50:18AM -0400, Mike Nowlin wrote:
> 
> > But I don't think FreeBSD has that capability. I haven't seen any
> > mention of a FreeBSD aperture driver, not even in vaporware form.
> > Maybe people just don't realize such a thing is possible?
> 
> ...not really sure I should bring this up, but.......
> 
> My belief is that if you feel the necessity to run a machine (especially a
> production box) under a higher secure level, you should not be using that
> box for "general user uses", including X.  With the prices of fast
> ethernet and motherboards these days, there's no reason why you can't make
> a workstation for general use that doesn't really mind getting trashed if
> somebody breaks in -- restore a backup tape, and you're ready to go.
> Diskless workstations (slaved off the high-security machine) comes to
> mind...

I don't agree with this at all. Workstations are important targets for 
attackers, since if you can breach a workstation, you can probably 
infiltrate any server that the user of the workstation connects to. 
You can sniff passwords, capture TTY's, hijaack SSH sessions, find 
paths through firewalls... never assume that you would know if an 
attacker broke in.

You might say that the workstations could all sit behind a firewall so
that nobody could access it, but many people find it convenient to 
have their workstations accessible to the outside world. 

While you might be able to get away with less, I think there is a 
clear use case for a "network secure" workstation.

Justin



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message