From owner-freebsd-security  Mon Dec 21 16:08:00 1998
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id QAA16840
          for freebsd-security-outgoing; Mon, 21 Dec 1998 16:08:00 -0800 (PST)
          (envelope-from owner-freebsd-security@FreeBSD.ORG)
Received: from apollo.backplane.com (apollo.backplane.com [209.157.86.2])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id QAA16835
          for <security@FreeBSD.ORG>; Mon, 21 Dec 1998 16:07:58 -0800 (PST)
          (envelope-from dillon@apollo.backplane.com)
Received: (from dillon@localhost)
	by apollo.backplane.com (8.9.1/8.9.1) id QAA48177;
	Mon, 21 Dec 1998 16:07:51 -0800 (PST)
	(envelope-from dillon)
Date: Mon, 21 Dec 1998 16:07:51 -0800 (PST)
From: Matthew Dillon <dillon@apollo.backplane.com>
Message-Id: <199812220007.QAA48177@apollo.backplane.com>
To: Eivind Eklund <eivind@yes.no>
Cc: Cliff Skolnick <cliff@steam.com>, security@FreeBSD.ORG
Subject: Re: cvs commit: src/etc rc.conf
References: <19981221163532.G14124@follo.net> <000201be2d2c$0b94baa0$2020a8c0@icarus.internal.steam.com> <19981222000242.H14124@follo.net>
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org


:On Mon, Dec 21, 1998 at 01:51:20PM -0800, Cliff Skolnick wrote:
:> This sandbox stuff is starting to worry me :(
:> 
:> The more FreeBSD changes stock daemons used on many other UNIX systems the
:> harder it will be to respond to know bugs.  For denial of service attacks
:...
:> The sandbox changes a fundamental design of UNIX, and makes FreeBSD
:> "different" than other UNIX systems.  The difference in the short term may
:...

    Two points.  

    (1) We have made no changes to the stock bind distribution.  None.  Zero.
        Zilch.  Nada.  

    (2) Using a sandbox does not change the fundamental design of UNIX in
	the least, in my view.  A number of traditional UNIX subsystems have
	used sandboxes for a long time.  For example, the 'operator' account 
	and lpd.

						-Matt

    Matthew Dillon  Engineering, HiWay Technologies, Inc. & BEST Internet 
                    Communications & God knows what else.
    <dillon@backplane.com> (Please include original email in any response)    

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message