Date: Mon, 29 Nov 1999 17:59:10 -0800 From: "Jordan K. Hubbard" <jkh@zippy.cdrom.com> To: Kris Kennaway <kris@hub.freebsd.org> Cc: Matthew Dillon <dillon@apollo.backplane.com>, Dan Moschuk <dan@freebsd.org>, arch@freebsd.org, audit@freebsd.org Subject: Re: cvs commit: src/sys/i386/conf files.i386 src/sys/kern kern_fork.c src/sys/libkern arc4random.c src/sys/sys libkern.h Message-ID: <88174.943927150@zippy.cdrom.com> In-Reply-To: Your message of "Mon, 29 Nov 1999 13:27:42 PST." <Pine.BSF.4.21.9911291319580.51314-100000@hub.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
> * Changes which tighten security are arguably only useful if they're on by > default, otherwise all the newbies will leave them off, and have > (relatively speaking) insecure boxes. That's highly arguable. We provide secure levels, for example, but if we turned them on to any appreciable degree then people's X servers wouldn't work because we have no aperture driver. Would it be correct in the general case? Yes. Would it be correct for workstation users? No. Such is also the case in numerous other situations and it really is a question of providing mechanisms which people can use selectively, not just in providing the best "out of box" security defaults. - Jordan To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?88174.943927150>