From owner-freebsd-security@FreeBSD.ORG Thu Jul 21 15:53:13 2005 Return-Path: X-Original-To: freebsd-security@freebsd.org Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id C21D816A449; Thu, 21 Jul 2005 15:53:13 +0000 (GMT) (envelope-from delphij@frontfree.net) Received: from tarsier.geekcn.org (tarsier.geekcn.org [210.51.165.229]) by mx1.FreeBSD.org (Postfix) with ESMTP id 32BAD43D80; Thu, 21 Jul 2005 15:52:58 +0000 (GMT) (envelope-from delphij@frontfree.net) Received: from beastie.frontfree.net (unknown [219.239.99.7]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by tarsier.geekcn.org (Postfix) with ESMTP id 01BB0EB3B23; Thu, 21 Jul 2005 23:52:54 +0800 (CST) Received: from localhost (localhost.frontfree.net [127.0.0.1]) by beastie.frontfree.net (Postfix) with ESMTP id 4A1F11378E2; Thu, 21 Jul 2005 23:52:52 +0800 (CST) Received: from beastie.frontfree.net ([127.0.0.1]) by localhost (beastie.frontfree.net [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 20635-06; Thu, 21 Jul 2005 23:52:43 +0800 (CST) Received: by beastie.frontfree.net (Postfix, from userid 1001) id 0480E1378D6; Thu, 21 Jul 2005 23:52:41 +0800 (CST) Date: Thu, 21 Jul 2005 23:52:41 +0800 From: Xin LI To: piechota@argolis.org Message-ID: <20050721155241.GA20438@frontfree.net> References: <42DCC503.5000408@ludd.ltu.se> <20050719213356.GA1614@gothmog.gr> <20050721101331.GB854@trit.org> <24999.192.35.35.35.1121959413.squirrel@192.35.35.35> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="fUYQa+Pmc3FrFX/N" Content-Disposition: inline In-Reply-To: <24999.192.35.35.35.1121959413.squirrel@192.35.35.35> User-Agent: Mutt/1.4.2.1i X-GPG-key-ID/Fingerprint: 0xCAEEB8C0 / 43B8 B703 B8DD 0231 B333 DC28 39FB 93A0 CAEE B8C0 X-GPG-Public-Key: http://www.delphij.net/delphij.asc X-Operating-System: FreeBSD beastie.frontfree.net 5.4-RELEASE-p5 FreeBSD 5.4-RELEASE-p5 #3: Thu Jul 21 11:45:42 CST 2005 delphij@beastie.frontfree.net:/usr/obj/usr/src/sys/BEASTIE i386 X-URL: http://www.delphij.net X-By: delphij@beastie.frontfree.net X-Location: Beijing, China X-Virus-Scanned: amavisd-new at frontfree.net Cc: freebsd-security@freebsd.org, Dima Dorfman Subject: Re: Adding OpenBSD sudo to the FreeBSD base system? X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 21 Jul 2005 15:53:14 -0000 --fUYQa+Pmc3FrFX/N Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Thu, Jul 21, 2005 at 10:23:33AM -0500, piechota@argolis.org wrote: > > FWIW, I don't see any reason to include sudo in the base system. It's > > something that I install on every computer, but I don't mind building > > the port or installing it from a package. Unlike some of the other > > things I usually want on every system (e.g., emacs), it's small and > > doesn't have any dependencies, so it's not a problem to install it as > > soon as the system is online. That said, I wouldn't object to having > > it in the base, either. >=20 > I see two reasons for a "nay" vote: If we put everything a group of people > find useful in the base system, we're going to end up with soemthing like > Redhat, where there's tons of software the rarely gets used. Secondly, > some 'customers' have a very dim view of sudo (mostly for bad reasons, but > they ban it anyways). My reasons for why not to have sudo(1) in our base is that: - It is actively maintained and generally speaking it won't be hard to build/install from ports collection. - It provides another way of utilizing privileges, and needs careful configuration. - We do not have a killer application to ease maintaince of the configuration (yet). The reasons why it can be in our base is that: + It is cool because fine grained access to the privilege is possible, and it is the tool that I will want to install on every boxes. + It's BSD licensed So my position would be neutral. Personally I would prefer the following scheme: o FreeBSD Base System is what we "must have" in a basic Unix system, including ls, cat, libc, your kernel, etc. o A set of pre-built packages included in disc1 provides what most people will want, and is small enough, e.g. sudo, c[vs]up, portaudit, freebsd-update, better development environment or scripting languages, e.g. python, etc. These ports are considered special or security critical, maybe maintained under the src/ tree (or sort of), causing every "make buildworld" with some symbol defined to cover upgrades of them, but also permitting portaudit to check vulnerabilities on these packages. Of course this scheme would be complex to implement, so just my 0.02 RMB :-) Cheers, --=20 Xin LI http://www.delphij.net/ See complete headers for GPG key and other information. --fUYQa+Pmc3FrFX/N Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (FreeBSD) iD8DBQFC38TJ/cVsHxFZiIoRAtXDAJ9nYIiRj5IuajmfrqvRBbtrDc3oFACfYStG R73xna9JdGVFSjafrhiAAtM= =Arw/ -----END PGP SIGNATURE----- --fUYQa+Pmc3FrFX/N--