From owner-freebsd-audit Mon Nov 29 19:54:13 1999 Delivered-To: freebsd-audit@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 758) id CA72B1578E; Mon, 29 Nov 1999 19:53:09 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) by hub.freebsd.org (Postfix) with ESMTP id BDDB61CD736; Mon, 29 Nov 1999 19:53:09 -0800 (PST) (envelope-from kris@hub.freebsd.org) Date: Mon, 29 Nov 1999 19:53:09 -0800 (PST) From: Kris Kennaway To: "Jordan K. Hubbard" Cc: Matthew Dillon , Dan Moschuk , arch@FreeBSD.ORG, audit@FreeBSD.ORG Subject: Re: cvs commit: src/sys/i386/conf files.i386 src/sys/kern kern_fork.c src/sys/libkern arc4random.c src/sys/sys libkern.h In-Reply-To: <88174.943927150@zippy.cdrom.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Mon, 29 Nov 1999, Jordan K. Hubbard wrote: > That's highly arguable. We provide secure levels, for example, but if > we turned them on to any appreciable degree then people's X servers > wouldn't work because we have no aperture driver. Would it be correct > in the general case? Yes. Would it be correct for workstation users? > No. Such is also the case in numerous other situations and it really > is a question of providing mechanisms which people can use selectively, > not just in providing the best "out of box" security defaults. This would fall under my preferred policy, which you didn't quote, namely "turn on everything which doesn't have a negative impact, and providing an easy mechanism to enable everything else". Preventing X from running is something many (though not all :) people would consider negative :-) Kris To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message