From owner-freebsd-security Mon Jul 7 18:02:44 1997 Return-Path: Received: (from root@localhost) by hub.freebsd.org (8.8.5/8.8.5) id SAA19301 for security-outgoing; Mon, 7 Jul 1997 18:02:44 -0700 (PDT) Received: from homeport.org (lighthouse.homeport.org [205.136.65.198]) by hub.freebsd.org (8.8.5/8.8.5) with ESMTP id SAA19293 for ; Mon, 7 Jul 1997 18:02:39 -0700 (PDT) Received: (adam@localhost) by homeport.org (8.8.5/8.6.9) id UAA20028; Mon, 7 Jul 1997 20:58:56 -0400 (EDT) From: Adam Shostack Message-Id: <199707080058.UAA20028@homeport.org> Subject: Re: Security Model/Target for FreeBSD or 4.4? In-Reply-To: <199707072246.PAA25097@biggusdiskus.flyingfox.com> from Jim Shankland at "Jul 7, 97 03:46:57 pm" To: jas@flyingfox.com (Jim Shankland) Date: Mon, 7 Jul 1997 20:58:56 -0400 (EDT) Cc: robert@cyrus.watson.org, security@FreeBSD.ORG X-Mailer: ELM [version 2.4ME+ PL27 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-security@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk Jim Shankland wrote: | Of course, we already have a permissions system. Why not: | | -rw-rw---- 1 root smtp Feb 18 09:33 /protocols/inet/tcp/25 | | Or is that just too weird? That seems like a great idea, modulo the amount of work needed to implement it. (do you want to extend that so that /protocols/inet/tcp/10.2.23.45:25 allows you to control permissions on a per IP address basis? That might be too baroque for not enough gain..) -- He has erected a multitude of new offices, and sent hither swarms of officers to harrass our people, and eat out their substance.