From owner-freebsd-current Fri Nov 15 4:46: 2 2002 Delivered-To: freebsd-current@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 0D21537B401 for ; Fri, 15 Nov 2002 04:46:01 -0800 (PST) Received: from MX1.estpak.ee (ld3.estpak.ee [194.126.101.102]) by mx1.FreeBSD.org (Postfix) with ESMTP id AD93A43E6E for ; Fri, 15 Nov 2002 04:45:59 -0800 (PST) (envelope-from kalts@estpak.ee) Received: from tiiu.internal (80-235-37-22-dsl.mus.estpak.ee [80.235.37.22]) by MX1.estpak.ee (Postfix) with ESMTP id 785FE8884D; Fri, 15 Nov 2002 14:44:53 +0200 (EET) Received: from tiiu.internal (localhost [127.0.0.1]) by tiiu.internal (8.12.6/8.12.6) with ESMTP id gAFCjkTE002217; Fri, 15 Nov 2002 14:45:46 +0200 (EET) (envelope-from vallo@tiiu.internal) Received: (from vallo@localhost) by tiiu.internal (8.12.6/8.12.6/Submit) id gAFCjkxg002216; Fri, 15 Nov 2002 14:45:46 +0200 (EET) (envelope-from vallo) Date: Fri, 15 Nov 2002 14:45:45 +0200 From: Vallo Kallaste To: Kris Kennaway Cc: Soeren Schmidt , Sheldon Hearn , freebsd-current@FreeBSD.ORG Subject: Re: /dev/acd*t* no longer available in -current? Message-ID: <20021115124545.GA2174@tiiu.internal> Reply-To: kalts@estpak.ee References: <20021115084430.GI76728@starjuice.net> <200211150848.gAF8muEU060773@spider.deepcore.dk> <20021115122950.GA16194@rot13.obsecurity.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20021115122950.GA16194@rot13.obsecurity.org> User-Agent: Mutt/1.5.1i-ja.1 Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Fri, Nov 15, 2002 at 04:29:50AM -0800, Kris Kennaway wrote: > > > Don't you think it makes more sense for the kernel to start off with > > > more restrictive permissions, and have the administrator determine > > > whether more restrictive permissions are appropriate? > > > > Actually no I dont. > > The security aware admin will know (or should that be "should know" :) ) > > what to do to make a system secure. > > That's a particularly uncompelling argument. Yes. For what it's worth, I think that system should be airtight out of the box and the consequences for average desktop user (as I am) clearly documented in handbook. Users who will not read the fine documentation fully deserve the pain. Moreover, they probably will not make a way as fine FreeBSD user in a long run. Be sure you read the following line: IMHO -- Vallo Kallaste kalts@estpak.ee To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message