From owner-freebsd-hackers@FreeBSD.ORG Thu Aug 21 09:21:08 2003 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 0451D16A4C0 for ; Thu, 21 Aug 2003 09:21:08 -0700 (PDT) Received: from milla.ask33.net (milla.ask33.net [217.197.166.60]) by mx1.FreeBSD.org (Postfix) with ESMTP id 1EFDB43FE1 for ; Thu, 21 Aug 2003 09:21:06 -0700 (PDT) (envelope-from nick@milla.ask33.net) Received: by milla.ask33.net (Postfix, from userid 1001) id 1E5063ABB3F; Thu, 21 Aug 2003 18:21:56 +0200 (CEST) Date: Thu, 21 Aug 2003 18:21:56 +0200 From: Pawel Jakub Dawidek To: ari , freebsd-hackers@freebsd.org, flowpriv@episec.com Message-ID: <20030821162156.GL47959@garage.freebsd.pl> References: <20030817181315.GL55671@episec.com> <20030821065854.GA11586@dan.emsphone.com> <20030821125028.GY55671@episec.com> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-md5; protocol="application/pgp-signature"; boundary="2OzUYMsT4j3Kc+NU" Content-Disposition: inline In-Reply-To: <20030821125028.GY55671@episec.com> X-PGP-Key-URL: http://garage.freebsd.pl/jules.asc X-OS: FreeBSD 4.8-RELEASE-p3 i386 X-URL: http://garage.freebsd.pl User-Agent: Mutt/1.5.1i Subject: Re: [future patch] dropping user privileges on demand X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 21 Aug 2003 16:21:08 -0000 --2OzUYMsT4j3Kc+NU Content-Type: text/plain; charset=iso-8859-2 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Thu, Aug 21, 2003 at 08:50:28AM -0400, ari wrote: +> However, systrace is a good bit more complex than this should be, and +> the performance penalty can be significant. Neither programmers nor +> admins should be expected to implement something that slows down their +> programs on a wide scale, even if it would be advisable from a security +> standpoint. The implementation of flowpriv, however, will have a +> negligible performance impact (about three memory references per system +> call). I _do_ believe that systrace and flowpriv should work together, +> but i don't believe they should be consolidated. Let me explain you something. "flowpriv" isn't a well known standard. If you susspect that developers will rewrite their programms (and there are many things for rewritting to use such mechanism) you're wrong. This is my opinion. That's why I've decide to create CerbNG - it is totally transparent for applications and I think Niels Provos shares my opinion in systrace. --=20 Pawel Jakub Dawidek pawel@dawidek.net UNIX Systems Programmer/Administrator http://garage.freebsd.pl Am I Evil? Yes, I Am! http://cerber.sourceforge.net --2OzUYMsT4j3Kc+NU Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (FreeBSD) iQCVAwUBP0TxpD/PhmMH/Mf1AQHXvAP+NAiZSoBkcwGEaLvhyY5M1Qb7kEpWeNeF 2TXJrfGxJUFQSXCn+JCoSAHqfwk+1h+bzmjvn2aYh7RenTffXcl4eg3IwmmGGVlz 8cT0dZZ8DU30s5U4jgC4+ZHx38bap+XbckbiAzoMuMQM65W/t5i6caQ9nWcB8zpc lwQ+CDsTvY0= =Ms9p -----END PGP SIGNATURE----- --2OzUYMsT4j3Kc+NU--