Date: Wed, 23 Jul 2003 00:34:11 -0400 From: Mike Makonnen <mtm@identd.net> To: Steve Kargl <sgk@troutmask.apl.washington.edu> Cc: freebsd-arch@freebsd.org Subject: Re: Things to remove from /rescue Message-ID: <20030723043410.GA45652@kokeb.ambesa.net> In-Reply-To: <20030723035006.GA45410@troutmask.apl.washington.edu> References: <20030719171138.GA86442@dragon.nuxi.com> <XFMail.20030721151553.jhb@FreeBSD.org> <20030721202314.GC21068@dragon.nuxi.com> <xzpn0f76i69.fsf@dwp.des.no> <20030722151138.GB72888@dragon.nuxi.com> <20030722153056.GM863@starjuice.net> <20030723002531.GA44452@kokeb.ambesa.net> <20030723035006.GA45410@troutmask.apl.washington.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Jul 22, 2003 at 08:50:06PM -0700, Steve Kargl wrote: > > Don't you need a network connection to use /rescue/rrestore to access > the dump of / on a tape drive in a remote system? One may want a > secure connection to that remote system. ahh yes, I also missed rcp. But, that doesn't change the situation much. Ipfw is a firewall. I don't see how it can have a useful impact on security in this situation. The point I was trying to make in the email is that there isn't much security that ipfw can offer you in this situation that is a compelling or even "must have" feature of rescue. Like I said, I don't object to having it in /rescue if that's the consensus, but I would much prefer if we left it out and see if any bug reports come in. There is nothing preventing us from including it in the future if it is really needed by our users. Cheers. -- Mike Makonnen | GPG-KEY: http://www.identd.net/~mtm/mtm.asc mtm@identd.net | D228 1A6F C64E 120A A1C9 A3AA DAE1 E2AF DBCC 68B9 mtm@FreeBSD.Org| FreeBSD - Unleash the Daemon!
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030723043410.GA45652>