Skip site navigation (1)Skip section navigation (2)
Date:      Fri, 5 Feb 1999 07:39:04 +1100 (EDT)
From:      Darren Reed <avalon@coombs.anu.edu.au>
To:        mike@seidata.com
Cc:        jwyatt@RWSystems.net, axl@iafrica.com, vader@vader.dk, security@FreeBSD.ORG
Subject:   Re: Enabling bpf device in kernel (was: Re: tcpdump)
Message-ID:  <199902042039.HAA19936@cheops.anu.edu.au>
In-Reply-To: <Pine.BSF.4.05.9902041446380.15864-100000@ns1.seidata.com> from "mike@seidata.com" at Feb 4, 99 02:55:25 pm

next in thread | previous in thread | raw e-mail | index | archive | help
In some mail from mike@seidata.com, sie said:
[...]
> Actually, it's heading down the same slippery slope...  enable as much
> by default as possible so the unknowing user can utilize as many
> utilities as possible...  Down side?  Loss of efficiency and lack of
> security.

It has *NO* impact on security.  Get that through your head!

The cost is space on the boot floppy, memory used and a small, very small,
overhead for networking (if anyone is really convinced of this then they
should go ahead and do some testing to quantify the overhead in terms of
ms per packet).

Darren

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199902042039.HAA19936>