From owner-freebsd-security  Fri Sep 17 23:57:51 1999
Delivered-To: freebsd-security@freebsd.org
Received: from jason.argos.org (a1-3a123.neo.rr.com [24.93.180.123])
	by hub.freebsd.org (Postfix) with ESMTP id C768F159BE
	for <security@freebsd.org>; Fri, 17 Sep 1999 23:57:37 -0700 (PDT)
	(envelope-from mike@argos.org)
Received: from localhost (mike@localhost)
	by jason.argos.org (8.9.1/8.9.1) with ESMTP id CAA30838
	for <security@freebsd.org>; Sat, 18 Sep 1999 02:57:35 -0400
Date: Sat, 18 Sep 1999 02:57:35 -0400 (EDT)
From: Mike Nowlin <mike@argos.org>
To: security@freebsd.org
Subject: Re: Securing a system that's been rooted remotely (Was: BPF on  in
 3.3-RC GENERIC kernel)
In-Reply-To: <Pine.BSF.4.10.9909171603270.26241-100000@hub.freebsd.org>
Message-ID: <Pine.LNX.4.05.9909180252510.30790-100000@jason.argos.org>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org


> Securelevel high, GENERIC kernel, locked down with schg = silly, because
> for all the work you've done to audit the startup path, you might as well
> have just commented out the bpf driver and rebuilt your kernel too.

This whole discussion is silly...  We've beat it into the ground several
times now, and there's valid arguments on both sides.  Everyone should
make their own decision.

The guys who decide what's in GENERIC are probably sick and tired of
hearing about the pitfalls of BPF.  They seem to think (and I agree) that
it's easier to re-compile the kernel than fix all of the BPF-related
problems.  If you're worried about somebody kicking your system over to a
GENERIC kernel, then just remove the damn thing and fix the boot files.


mike




To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message