Date: Fri, 17 Apr 1998 22:40:14 +0200 From: "H. Eckert" <ripley@nostromo.in-berlin.de> To: freebsd-security@FreeBSD.ORG Subject: Re: kernel permissions Message-ID: <19980417224014.65058@nostromo.in-berlin.de> In-Reply-To: <199804162302.BAA15315@ocean.campus.luth.se>; from Mikael Karpberg on Fri, Apr 17, 1998 at 01:02:22AM %2B0200 References: <E0yPx1m-0005qz-00@set.spradley.tmi.net> <199804162302.BAA15315@ocean.campus.luth.se>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, Apr 17, 1998 at 01:02:22AM +0200, Mikael Karpberg wrote: > It's easy to forget to frob all the 1000 small knobs that "you can frob > on YOUR machine if you want it secure". It's however quite easy to remember > to chmod it when you or one of your users gets annoyed at not being able to > read it. It annoys you the first time, but you su, chmod, and exit. Nothing > more to it. You simply will not forget to, because it will not let you. I agree that the "1000 small knobs" of customization is something to be avoided. So let's think on how we can centralize this kind of stuff in a friendly way so a concerned admin can easily browse through a security setup to have lots of knobs activated by doing something like "network=secure" in the config file. Think of the /etc/rc.conf that handles a lot of things. If we can have a friendly frontend program as has already been suggested that's even better. Greetings, Ripley -- http://www.in-berlin.de/User/nostromo/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19980417224014.65058>