From owner-freebsd-security  Wed Jun 16 15:20:49 1999
Delivered-To: freebsd-security@freebsd.org
Received: from fantasy.netreach.net (fantasy.netreach.net [205.197.101.219])
	by hub.freebsd.org (Postfix) with ESMTP id B6B8914D59
	for <security@FreeBSD.ORG>; Wed, 16 Jun 1999 15:20:34 -0700 (PDT)
	(envelope-from petef@netreach.net)
Received: from static-petef.netreach.net (static-petef.netreach.net [209.116.208.124])
	by fantasy.netreach.net (8.9.3/8.9.0) with SMTP id SAA17819;
	Wed, 16 Jun 1999 18:21:29 -0400 (EDT)
Date: Wed, 16 Jun 1999 18:23:13 -0400 (EDT)
From: Pete Fritchman <petef@netreach.net>
To: Warner Losh <imp@harmony.village.org>
Cc: Barrett Richardson <barrett@phoenix.aye.net>,
	Unknow User <kernel@tdnet.com.br>, security@FreeBSD.ORG
Subject: Re: some nice advice.... 
In-Reply-To: <199906161918.NAA01012@harmony.village.org>
Message-ID: <Pine.LNX.3.96.990616182221.28882A-100000@static-petef.netreach.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

If you get compromised, why does it matter?
The attacker compiles a new kernel, waits for you to reboot, boom.

It's kind of hard/stupid to think about something in terms of "what if you
get compromised" - he'll have root and be able to do whatever you are
thinking about doing (equal privelages)

just my two cents.

--------------------
[  Pete Fritchman  ]
[ Systems Engineer ]
[petef@netreach.net]
--------------------

On Wed, 16 Jun 1999, Warner Losh wrote:

> Date: Wed, 16 Jun 1999 13:18:03 -0600
> From: Warner Losh <imp@harmony.village.org>
> To: Barrett Richardson <barrett@phoenix.aye.net>
> Cc: Unknow User <kernel@tdnet.com.br>, security@FreeBSD.ORG
> Subject: Re: some nice advice.... 
> 
> In message <Pine.BSF.4.01.9906160538310.18250-100000@phoenix.aye.net>
> Barrett Richardson writes: 
> : [bpf] can be some risk. If a machine with bpf enabled gets compromised
> : the attacker can use it as a network sniffer.
> 
> That's the biggest reason that I do not enable it on most of my
> machines if I can at all help it.
> 
> However, one could argue that if a machine gets compromized, then an
> attacker could, on the next reboot, cause arbitrary code to run via
> the rc mechanism....  This 'hold' is hard to plug, but is plugable if
> you are running with an elevated secure level...
> 
> Warner
> 
> 
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-security" in the body of the message
> 



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message