From owner-freebsd-security Sat Jun 19 6:17: 2 1999 Delivered-To: freebsd-security@freebsd.org Received: from aurora.sol.net (aurora.sol.net [206.55.65.76]) by hub.freebsd.org (Postfix) with ESMTP id 3681315156 for ; Sat, 19 Jun 1999 06:16:59 -0700 (PDT) (envelope-from jgreco@aurora.sol.net) Received: (from jgreco@localhost) by aurora.sol.net (8.9.2/8.9.2/SNNS-1.02) id IAA51771; Sat, 19 Jun 1999 08:16:56 -0500 (CDT) From: Joe Greco Message-Id: <199906191316.IAA51771@aurora.sol.net> Subject: Re: make world clobbers (was Re: some nice advice...) In-Reply-To: <61416.929796524@verdi.nethelp.no> from "sthaug@nethelp.no" at "Jun 19, 1999 2:48:44 pm" To: sthaug@nethelp.no Date: Sat, 19 Jun 1999 08:16:56 -0500 (CDT) Cc: security@freebsd.org X-Mailer: ELM [version 2.4ME+ PL43 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org > > > Any server application, be it sendmail, named, ntpd, apache, squid, etc etc > > > etc., needs to be compiled fresh from the vendor. > > > > That is complete bullshit. By doing this, you are *introducing* > > problems rather than solving them. The FreeBSD developers spend a lot > > of effort fixing bugs, plugging security holes, and adapting software > > to run optimally on FreeBSD. You shouldn't hand-roll things like > > sendmail or BIND unless you're prepared to spend a *lot* of time > > duplicating their work, and making sure you got it right and didn't > > introduce any bugs of your own in the process. > > In general I agree about this. However: > > BIND 8 works just fine out of the box on FreeBSD. Please check the bind8 > port - it changes a few paths, changes the man format and not much else. It has been some time since I've seen an application that _didn't_ work fine out of the box on FreeBSD - things like Sendmail come with option files that are set up for FreeBSD, and other things just don't care too much anyways because they aren't tied into the system as deeply as something like Sendmail. Additionally, if you want to go head-to-head about things like security holes, I'll note that _any_ configuration (such as the FreeBSD-supplied one) which runs sendmail as root is inherently more risky than a config which runs sendmail as mail:mail. You'd better make sure that you're introducing fewer bugs than I am and that yours are less exploitable. Me, I'm not too worried since I've been hacking on Sendmail since the '80's and there's not too much risk in a daemon that runs as an unprivileged user. But, then again, that all gets back to what I've been saying all along: there are good reasons for treating these things as applications instead as part of the OS. ... Joe ------------------------------------------------------------------------------- Joe Greco - Systems Administrator jgreco@ns.sol.net Solaria Public Access UNIX - Milwaukee, WI 414/342-4847 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message