From: Wojciech Puchar
To: Giorgos Keramidas
Cc: Richard Yao, Jerry McAllister, freebsd-hackers@freebsd.org, Mehmet Erol Sanliturk, Andy@freebsd.org, Young
Date: Fri, 4 May 2012 16:58:25 +0200 (CEST)
Subject: Re: Ways to promote FreeBSD?
List-Id: Technical Discussions relating to FreeBSD

> Not really, no.
> I was referring to the practice of starting a gazillion
> services by default, including dbus, avahi, ftp and http services,
> file sharing components, and all the rest of the stuff that is now
> commonly installed as part of a "Linux desktop". SELinux is indeed
> one form of hardening, but I wasn't referring specifically to it; exactly
> the opposite, in fact.

Without running unneeded things there is no need to "harden".

In spite of FreeBSD having quite a lot of extra security features, I don't really use more than standard unix security and jails; it is not really needed.

FreeBSD does this (almost) right - default rc.conf doesn't run much, but still too much. No idea why inetd is run by default, with no services, but anyway.