From owner-freebsd-chat@FreeBSD.ORG  Tue Jun 29 17:28:54 2004
Return-Path: <owner-freebsd-chat@FreeBSD.ORG>
Delivered-To: freebsd-chat@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 3C3DC16A4CF
	for <freebsd-chat@freebsd.org>; Tue, 29 Jun 2004 17:28:54 +0000 (GMT)
Received: from mail1.atl.registeredsite.com (mail1.atl.registeredsite.com
	[64.224.219.75])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 030B543D39
	for <freebsd-chat@freebsd.org>; Tue, 29 Jun 2004 17:28:54 +0000 (GMT)
	(envelope-from kevin_lyons@ofdengineering.com)
Received: from imta06a2.registeredsite.com (imta06a2.registeredsite.com
	[64.225.255.15])i5THSbWZ011765
	for <freebsd-chat@freebsd.org>; Tue, 29 Jun 2004 17:28:37 GMT
Received: from ofdengineering.com ([66.137.123.97])
	by imta06a2.registeredsite.com with ESMTP
	<20040629172837.GCNQ4212.imta06a2.registeredsite.com@ofdengineering.com>
	for <freebsd-chat@freebsd.org>; Tue, 29 Jun 2004 13:28:37 -0400
Message-ID: <40E1A6C0.2040406@ofdengineering.com>
Date: Tue, 29 Jun 2004 12:28:32 -0500
From: Kevin Lyons <kevin_lyons@ofdengineering.com>
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US;
	rv:1.4) Gecko/20030624 Netscape/7.1 (ax)
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: freebsd-chat@freebsd.org
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
Subject: "TrustedBSD" addons 
X-BeenThere: freebsd-chat@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Non technical items related to the community
	<freebsd-chat.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-chat>,
	<mailto:freebsd-chat-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-chat>
List-Post: <mailto:freebsd-chat@freebsd.org>
List-Help: <mailto:freebsd-chat-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-chat>,
	<mailto:freebsd-chat-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 29 Jun 2004 17:28:54 -0000

I was reading with some surprise that some of the MAC and other "addons" 
from trusted bsd are to be incorporated.

I can already see the security advisories for these things like we've 
had for tcpwrapper, kerberos, heimdal, jail, openssl, etcetera ad 
infinitum.

Is this the right way to go?  We're adding more bloat while openbsd is 
cleaning itself and reworking kernal memory allocation to make exploits 
near impossible.

I dloaded 5.2 but haven't installed yet.  I hope there is a way to 
disable the MAC and other of these "trustedbsd features" that seem to 
keep DARPA funded userland people busy.


-- 
Kevin Lyons
OFD Engineering, 950 Threadneedle Suite 250, Houston Texas 77079
Phone: 281-679-9060, ext. 118, E-mail: kevin_lyons@ofdengineering.com