Date: Thu, 1 Aug 2002 08:27:58 -0400 (EDT)
From: Trevor Johnson
To: Dag-Erling Smorgrav
Cc: Mike Tancsa, Ruslan Ermilov
Subject: Re: Default ssh protocol in -STABLE [was: HEADS UP: FreeBSD-STABLE now has OpenSSH 3.4p1]
Message-ID: <20020801081645.T19455-100000@blues.jpj.net>
Sender: owner-freebsd-security@FreeBSD.ORG

Dag-Erling Smorgrav wrote:

> Trevor Johnson writes:
> > Removing a weakness in security is not an arbitrary change. It is the
> > type of change that is suitable for FreeBSD -STABLE in spite of
> > inconvenience to users, and making one-line changes to two files is only a
> > mild inconvenience.
>
> So make that change on your own systems.

This is the section of http://www.openbsd.org/security.html#default which
I had hoped you would read:

    To ensure that novice users of OpenBSD do not need to become security
    experts overnight (a viewpoint which other vendors seem to have), we
    ship the operating system in a Secure by Default mode. All
    non-essential services are disabled. As the user/administrator becomes
    more familiar with the system, he will discover that he has to enable
    daemons and other parts of the system. During the process of learning
    how to enable a new service, the novice is more likely to learn of
    security considerations.

    This is in stark contrast to the increasing number of systems that
    ship with NFS, mountd, web servers, and various other services enabled
    by default, creating instantaneous security problems for their users
    within minutes after their first install.

In enabling protocol version 1 by default, you have created a security
problem for new users of FreeBSD. If they become aware of the problem,
they can reconfigure their systems as you advise me to do. It is better
for users to choose to diminish their security when they need a service.

-- 
Trevor Johnson