From owner-freebsd-hackers  Tue Apr 23  8:23:54 2002
Delivered-To: freebsd-hackers@freebsd.org
Received: from tinker.exit.com (tinker.exit.com [206.223.0.1])
	by hub.freebsd.org (Postfix) with ESMTP
	id 3324037B417; Tue, 23 Apr 2002 08:23:50 -0700 (PDT)
Received: from realtime.exit.com (realtime [206.223.0.5])
	by tinker.exit.com (8.12.3/8.12.3) with ESMTP id g3NFNccN078124;
	Tue, 23 Apr 2002 08:23:38 -0700 (PDT)
	(envelope-from frank@exit.com)
Received: from realtime.exit.com (localhost [127.0.0.1])
	by realtime.exit.com (8.12.2/8.12.2) with ESMTP id g3NFNQwn029650;
	Tue, 23 Apr 2002 08:23:26 -0700 (PDT)
	(envelope-from frank@realtime.exit.com)
Received: (from frank@localhost)
	by realtime.exit.com (8.12.2/8.12.2/Submit) id g3NFNQnq029649;
	Tue, 23 Apr 2002 08:23:26 -0700 (PDT)
From: Frank Mayhar <frank@exit.com>
Message-Id: <200204231523.g3NFNQnq029649@realtime.exit.com>
Subject: Re: Security through obscurity? (was: ssh + compiled-in SKEY support
 considered harmful?)
In-Reply-To: <Pine.NEB.3.96L.1020423110123.64976j-100000@fledge.watson.org>
To: Robert Watson <rwatson@FreeBSD.ORG>
Date: Tue, 23 Apr 2002 08:23:26 -0700 (PDT)
Cc: "Greg 'groggy' Lehey" <grog@FreeBSD.ORG>,
	Jordan Hubbard <jkh@winston.freebsd.org>,
	Oscar Bonilla <obonilla@galileo.edu>,
	Anthony Schneider <aschneid@mail.slc.edu>,
	Mike Meyer <mwm-dated-1019955884.8b118e@mired.org>,
	hackers@FreeBSD.ORG
Reply-To: frank@exit.com
Organization: Exit Consulting
X-Copyright0: Copyright 2002 Frank Mayhar.  All Rights Reserved.
X-Copyright1: Permission granted for electronic reproduction as Usenet News or email only.
X-Mailer: ELM [version 2.4ME+ PL95a (25)]
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset=US-ASCII
Sender: owner-freebsd-hackers@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-hackers.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-hackers>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-hackers>
X-Loop: FreeBSD.ORG

Robert, it's really, really simple.  For new installs, install the new, more
secure behavior.  Be sure to loudly document this behavior so that those of
us who expect the _old_ behavior don't get bitten by the change.  And don't
change the old behavior in upgrades of existing systems.  As I said in my
other email, if you _must_ change the defaults, add overrides so the behavior
doesn't change.  And by "add overrides" I mean something like an
/etc/rc.conf.override file that gets pulled in after /etc/defaults/rc.conf
but before /etc/rc.conf.

(This says nothing about the necessity or desirability of the change itself,
by the way.  That's an entirely _different_ argument.)

When you change defaults on a running system, you piss off a lot of users.
Including me. :-)
-- 
Frank Mayhar frank@exit.com	http://www.exit.com/
Exit Consulting                 http://www.gpsclock.com/

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message