From owner-freebsd-security Wed Feb 3 13:08:22 1999 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id NAA22787 for freebsd-security-outgoing; Wed, 3 Feb 1999 13:08:22 -0800 (PST) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from axl.noc.iafrica.com (axl.noc.iafrica.com [196.31.1.175]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id NAA22762 for ; Wed, 3 Feb 1999 13:08:02 -0800 (PST) (envelope-from sheldonh@axl.noc.iafrica.com) Received: from sheldonh (helo=axl.noc.iafrica.com) by axl.noc.iafrica.com with local-esmtp (Exim 2.11 #1) id 1089WJ-0006pt-00; Wed, 3 Feb 1999 23:07:35 +0200 From: Sheldon Hearn To: Coranth Gryphon cc: security@FreeBSD.ORG Subject: Re: tcpdump In-reply-to: Your message of "Wed, 03 Feb 1999 11:36:12 PST." <36B8A52C.87FC356@healer.com> Date: Wed, 03 Feb 1999 23:07:34 +0200 Message-ID: <26280.918076054@axl.noc.iafrica.com> Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Wed, 03 Feb 1999 11:36:12 PST, Coranth Gryphon wrote: > Perhaps it's worth revisting the GENERIC issue from another direction. > What if FreeBSD shipped with two pre-built kernels, one with > most of the options (LKM, BPF, etc) turned on by default and > the other reasonable locked down (ie SECURE). I think the discussion has moved on from "should we ship a bpf-enabled kernel", which is the issue you seem to be addressing with your suggestion. I think the issue being discussed is really "is a bpf-enabled kernel any less secure than one without bpf?" I think once that's decided, the rest will fall into place. What does worry me a little is the idea of making bpf's operation dependant on the running securelevel. I thought securelevel restricted messing around _inside_ my box. What's that got to do with what my box can do with my wire, I wonder? Ciao, Sheldon. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message