From owner-trustedbsd-discuss@FreeBSD.ORG  Wed Jul 19 11:10:41 2006
Return-Path: <owner-trustedbsd-discuss@FreeBSD.ORG>
X-Original-To: trustedbsd-discuss@FreeBSD.org
Delivered-To: trustedbsd-discuss@FreeBSD.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 49E4516A4DA;
	Wed, 19 Jul 2006 11:10:41 +0000 (UTC)
	(envelope-from rwatson@FreeBSD.org)
Received: from cyrus.watson.org (cyrus.watson.org [209.31.154.42])
	by mx1.FreeBSD.org (Postfix) with ESMTP id EEAAA43D4C;
	Wed, 19 Jul 2006 11:10:40 +0000 (GMT)
	(envelope-from rwatson@FreeBSD.org)
Received: from fledge.watson.org (fledge.watson.org [209.31.154.41])
	by cyrus.watson.org (Postfix) with ESMTP id 8DC1346C36;
	Wed, 19 Jul 2006 07:10:40 -0400 (EDT)
Date: Wed, 19 Jul 2006 12:10:40 +0100 (BST)
From: Robert Watson <rwatson@FreeBSD.org>
X-X-Sender: robert@fledge.watson.org
To: Tom Rhodes <trhodes@FreeBSD.org>
In-Reply-To: <20060713033633.362f272e.trhodes@FreeBSD.org>
Message-ID: <20060719120751.G2059@fledge.watson.org>
References: <20060713033633.362f272e.trhodes@FreeBSD.org>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed
Cc: trustedbsd-discuss@FreeBSD.org
Subject: Re: Interesting link on OpenSolaris
X-BeenThere: trustedbsd-discuss@FreeBSD.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: TrustedBSD General Discussion List <trustedbsd-discuss.FreeBSD.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/trustedbsd-discuss>, 
	<mailto:trustedbsd-discuss-request@FreeBSD.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/trustedbsd-discuss>
List-Post: <mailto:trustedbsd-discuss@FreeBSD.org>
List-Help: <mailto:trustedbsd-discuss-request@FreeBSD.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/trustedbsd-discuss>, 
	<mailto:trustedbsd-discuss-request@FreeBSD.org?subject=subscribe>
X-List-Received-Date: Wed, 19 Jul 2006 11:10:41 -0000

On Thu, 13 Jul 2006, Tom Rhodes wrote:

> Glenn Brunette, a Sun employee posted this link to a list I'm on, and it 
> appears pretty interesting:
>
> http://www.opensolaris.org/os/project/smf-profiles/Design/
>
> To quote some of Glenn's email:
>
> "It will have a strong bearing on the future of hardening Solaris down the 
> road.  For those that may not have seen it, the Solaris Secure by Default 
> project also integrated into Nevada/OpenSolaris at build 42:
>
>    http://blogs.sun.com/gbrunett?entry=solaris_secure_by_default_part "
>
> Seems pretty interesting to me.

Yes, for this reason FreeBSD has generally been configured with all network 
services disabled by default for several years, although we offer explicit 
options to turn certain services on from inception during the install process 
(such as sshd).

Robert N M Watson
Computer Laboratory
University of Cambridge