From owner-freebsd-questions@FreeBSD.ORG Mon Apr 2 08:00:35 2012 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id AF958106564A for ; Mon, 2 Apr 2012 08:00:35 +0000 (UTC) (envelope-from smithi@nimnet.asn.au) Received: from sola.nimnet.asn.au (paqi.nimnet.asn.au [115.70.110.159]) by mx1.freebsd.org (Postfix) with ESMTP id DEEBB8FC08 for ; Mon, 2 Apr 2012 08:00:34 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by sola.nimnet.asn.au (8.14.2/8.14.2) with ESMTP id q327m6Le079921; Mon, 2 Apr 2012 17:48:06 +1000 (EST) (envelope-from smithi@nimnet.asn.au) Date: Mon, 2 Apr 2012 17:48:05 +1000 (EST) From: Ian Smith To: Erich Dollansky In-Reply-To: <20120401045919.246CE1065672@hub.freebsd.org> Message-ID: <20120402163942.K2060@sola.nimnet.asn.au> References: <20120401045919.246CE1065672@hub.freebsd.org> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Cc: "Julian H. Stacey" , schultz@ime.usp.br, Da Rock , freebsd-questions@freebsd.org Subject: Re: FreeBSD Security in Multiuser Environments X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 02 Apr 2012 08:00:35 -0000 In freebsd-questions Digest, Vol 408, Issue 10, Message: 5 On Sat, 31 Mar 2012 21:05:00 +0700 Erich Dollansky wrote: > On Saturday 31 March 2012 20:26:14 Julian H. Stacey wrote: [..] > > Da Rock wrote: > > > On 03/31/12 17:46, Julian H. Stacey wrote: [..] > > > > schultz@ime.usp.br wrote: > > > >> Hello, > > > >> > > > >> I would like to raise a discussion about the security features > > > >> of FreeBSD as a whole and how they might be employed to actually > > > >> derive some meaningful guarantees. > > > > We have a list specialy for freebsd-security@. Please use it. I thought this to be sensible advice. Before seeing that I'd thought of copying it to rwatson@ who I figured might take an interest due to his involvement with Capsicum, acl(3) and such, but he certainly reads that list anyway (and more than likely, not this one :) > > > Hang on, hold the phone: The security list (specifically) is for > > > security announcements. At least that what it said when I subscribed to > > > it... > > > > Wrong. Correct :) > > For list of mail lists see: > > http://lists.freebsd.org/mailman/listinfo > > > > Specifically: > > freebsd-security@freebsd.org > > http://lists.freebsd.org/mailman/listinfo/freebsd-security > > > > freebsd-security-notifications@freebsd.org > > http://lists.freebsd.org/mailman/listinfo/freebsd-security-notifications > this sounds very confusing for people who have simple question: > > 'General system administrator questions of an FAQ nature are > off-topic for this list, but the creation and maintenance of a FAQ is > on-topic. Thus, the submission of questions (with answers) for > inclusion into the FAQ is welcome. Such question/answer sets should > be clearly marked as (at least "FAQ submission") such in the subject. > ' schultz' post was nothing in the way of an FAQ issue, but a request for discussion of a wide range of system security issues, far indeed from a 'simple question'. Had you posted the two paragraphs before the one you quote above, this may have been a little clearer. To wit: "This is a technical discussion list covering FreeBSD security issues. The intention is for the list to contain a high-signal, low-noise discussion of issues affecting the security of FreeBSD. "Welcome topics include Cryptography (as it relates to FreeBSD), OS bugs that affect security, and security design issues. Denial-of-service (DoS) issues are less important than problems that allow an attacker to achieve elevated privelige, but are still on-topic." > This sounds that 'schultz' would be wrong there. Not at all Erich, quite the opposite in my view; as someone who's been subscribed to freebsd-security@ for 12 or so years, I look forward to seeing informed responses to some of schultz' issues. In any event, {s,}he promptly took Julian's advice to post it there, where one aspect has already attracted responses from des@ and pjd@ The best way to get a good sense of what issues are acceptible and/or useful topics for which lists, without having to subscribe, is to browse a list's archives for several months. Works for me. In this case try: http://lists.freebsd.org/pipermail/freebsd-security/ cheers, Ian