Date: Wed, 16 Jun 1999 13:18:03 -0600 From: Warner Losh <imp@harmony.village.org> To: Barrett Richardson <barrett@phoenix.aye.net> Cc: Unknow User <kernel@tdnet.com.br>, security@FreeBSD.ORG Subject: Re: some nice advice.... Message-ID: <199906161918.NAA01012@harmony.village.org> In-Reply-To: Your message of "Wed, 16 Jun 1999 05:41:23 EDT." <Pine.BSF.4.01.9906160538310.18250-100000@phoenix.aye.net> References: <Pine.BSF.4.01.9906160538310.18250-100000@phoenix.aye.net>
next in thread | previous in thread | raw e-mail | index | archive | help
In message <Pine.BSF.4.01.9906160538310.18250-100000@phoenix.aye.net> Barrett Richardson writes: : [bpf] can be some risk. If a machine with bpf enabled gets compromised : the attacker can use it as a network sniffer. That's the biggest reason that I do not enable it on most of my machines if I can at all help it. However, one could argue that if a machine gets compromized, then an attacker could, on the next reboot, cause arbitrary code to run via the rc mechanism.... This 'hold' is hard to plug, but is plugable if you are running with an elevated secure level... Warner To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199906161918.NAA01012>