Date: Fri, 17 Apr 1998 13:16:56 -0500 From: Ted Spradley <tsprad@set.spradley.tmi.net> To: Robert Watson <robert+freebsd@cyrus.watson.org> Cc: Dima Ruban <dima@best.net>, Matthew Hunt <mph@pobox.com>, stable@FreeBSD.ORG, freebsd-security@FreeBSD.ORG Subject: Re: kernel permissions Message-ID: <E0yQFh3-00071V-00@set.spradley.tmi.net> In-Reply-To: Your message of "Fri, 17 Apr 1998 01:45:29 EDT." <Pine.BSF.3.96.980417013537.8952E-100000@trojanhorse.pr.watson.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Robert Watson writes: > With all this discussion of various things that might or might not improve > the security of a FreeBSD system, I'd like to propose the FreeBSD > Hardening Project. Good idea. [...] > Some other thoughts I had were instructions for rolling a custom system CD > + possibly a boot disk to create read-only machines for use as proxy > servers or routers. Swap + MFS would be the only writable areas of the > system, and neither of those would persist over boot. I think this is a *particularly* good idea. Much less to worry about if most if the important stuff is read-only or write-once-read-many. [...] > Robert N Watson > > > ---- > Carnegie Mellon University http://www.cmu.edu/ > Trusted Information Systems http://www.tis.com/ > SafePort Network Services http://www.safeport.com/ > robert@fledge.watson.org http://www.watson.org/~robert/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?E0yQFh3-00071V-00>