From: Jochem Kossen
To: frank@exit.com
Cc: "Greg 'groggy' Lehey", hackers@FreeBSD.ORG
Subject: Re: Security through obscurity? (and /etc/defaults/rc.conf changes)
Date: Tue, 23 Apr 2002 18:39:44 +0200

On Tuesday 23 April 2002 16:54, Frank Mayhar wrote:
> Jochem Kossen wrote:
> > Because things evolve? :)
>
> You say "evolve." I say "get broken."

Don't tell me that in 11 years, defaults never change.

> > > How do I know which man page to read?
> >
> > You start X with startx, seems obvious to me. The disabling of tcp
> > connections only applies to startx
>
> It's not obvious when one has been starting X with the same command
> for years and it has never before changed. Gee, seems to seriously
> violate POLA, eh?

I agree, but I still wonder why people didn't come up with it sooner.

> > OK, then I suggest we mention it in the handbook, the security
> > policy document, the manpage AND the release notes :)
>
> Just don't do it in the first place. If you must have this, make a
> _new_ command ("secure-startx," perhaps) and point to it in the
> release notes.

This is a very good idea IMHO, although without the patch 'startx
-nolisten_tcp' works too... Then I'd say rip the patch out completely.

> > For the simple reason I don't like useless open ports on my system.
> > I don't use it, _most_ other people don't use it, so I sent in a
> > patch.
>
> Yeah, but unless one is installing a fresh system, one shouldn't care
> so much. And, by the way, how do you define "useless?" To me,
> having X listening for TCP connections is far from useless.

It is useless to _me_ because I don't use it. Like I said in a previous
mail, I didn't like the default, so I sent in the patch as a proposal
to the ports@ mailing list, and they all seemed to like it too. Nobody
complained, thus the patch was integrated. Simple.

I sent in the patch because it seemed obvious to me to send in a patch
which people liked. It was just a proposal. The people responsible and
a few others liked it too, and integrated it.

> > Of course, it was only discussed on the ports@ mailing list, but it
> > didn't seem like such a big deal to me or apparently the others...
>
> This is another case of changing the default in such a way as to
> violate POLA.
>
> I've given this some thought, particularly with respect to the
> rc.conf changes. My opinion is that, while this kind of thing is a
> good idea for from-scratch installs (the kind a person new to FreeBSD
> might be doing), making these changes to a running system is a Really
> Bad Idea. That means that if you _must_ change the defaults, add
> overrides at the same time to maintain the old default behavior.
> Then document the hell out of the new defaults. One shouldn't have
> to read ancient mail archives or pore over cvs logs to figure out
> what happened and why.

I agree. Next time I send in a patch (doesn't happen often ;)) I'll
consider this.

> Hey, I'm a kernel programmer (I work on BSD/OS as it happens). I
> know what it's like to be stuck with obsolete defaults. The fact of
> the matter is, though, that if I change a default and that upsets our
> customers, we potentially lose revenue and I potentially lose my job.
> This gives me real incentive to get it right, and that means not
> pulling the rug out from under the end user.
>
> IMHO, this was botched. Sorry, David, I calls 'em as I see 'em.

David?

But ehh... If people really want to change this, could someone file a PR?
:) (I can't right now, ISP problems... I can only use their mailserver.
Besides, I'm not the one complaining)