Date: Mon, 21 Dec 1998 16:07:51 -0800 (PST) From: Matthew Dillon <dillon@apollo.backplane.com> To: Eivind Eklund <eivind@yes.no> Cc: Cliff Skolnick <cliff@steam.com>, security@FreeBSD.ORG Subject: Re: cvs commit: src/etc rc.conf Message-ID: <199812220007.QAA48177@apollo.backplane.com> References: <19981221163532.G14124@follo.net> <000201be2d2c$0b94baa0$2020a8c0@icarus.internal.steam.com> <19981222000242.H14124@follo.net>
next in thread | previous in thread | raw e-mail | index | archive | help
:On Mon, Dec 21, 1998 at 01:51:20PM -0800, Cliff Skolnick wrote:
:> This sandbox stuff is starting to worry me :(
:>
:> The more FreeBSD changes stock daemons used on many other UNIX systems the
:> harder it will be to respond to know bugs. For denial of service attacks
:...
:> The sandbox changes a fundamental design of UNIX, and makes FreeBSD
:> "different" than other UNIX systems. The difference in the short term may
:...
Two points.
(1) We have made no changes to the stock bind distribution. None. Zero.
Zilch. Nada.
(2) Using a sandbox does not change the fundamental design of UNIX in
the least, in my view. A number of traditional UNIX subsystems have
used sandboxes for a long time. For example, the 'operator' account
and lpd.
-Matt
Matthew Dillon Engineering, HiWay Technologies, Inc. & BEST Internet
Communications & God knows what else.
<dillon@backplane.com> (Please include original email in any response)
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199812220007.QAA48177>