From owner-freebsd-stable Mon Aug 27 20: 3:31 2001 Delivered-To: freebsd-stable@freebsd.org Received: from drkshdw.org (user4.net011.fl.sprint-hsd.net [207.30.203.4]) by hub.freebsd.org (Postfix) with SMTP id 9483C37B409 for ; Mon, 27 Aug 2001 20:03:25 -0700 (PDT) (envelope-from scorpio@drkshdw.org) Received: (qmail 27715 invoked from network); 28 Aug 2001 03:03:22 -0000 Received: from unknown (HELO localhost) (127.0.0.1) by 0 with SMTP; 28 Aug 2001 03:03:22 -0000 Date: Mon, 27 Aug 2001 23:03:22 -0400 (EDT) From: Jeff Palmer X-X-Sender: To: Not Going to Tell You Cc: Subject: Re: Security on FreeBSD In-Reply-To: Message-ID: <20010827230016.G27670-100000@jeff.isni.net> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Mon, 27 Aug 2001, Not Going to Tell You wrote: > We would like to have a script written that removes all files not needed for > a FreeBSD server. Does anyone know a place that has a list of which files > are associated with which program? i'd reccomend installing FreeBSD with the "minimal" settings. then cvsup to the RELENG_4_3 branch, copy /etc/defaults/make.conf to /etc/make.conf Flavor the new /etc/make.conf to your taste. make world, and then follow the FreeBSD-security mailing list. instead of deleting all "uneeded" binaries, I'd leave them in place, just remove setuid and setgid from them. compilers and etc are good to have, especially when building world due to a recent exploit or vulnerability. Just my two cents, with the current rate of inflation, it's nothing. Jeff Palmer scorpio@drkshdw.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message