Date: Thu, 16 Apr 1998 16:43:36 -0400 (EDT) From: Robert Watson <robert@cyrus.watson.org> To: Niall Smart <rotel@indigo.ie> Cc: Philippe Regnauld <regnauld@deepo.prosa.dk>, dima@best.net, freebsd-security@FreeBSD.ORG Subject: Re: kernel permissions Message-ID: <Pine.BSF.3.96.980416164229.14132A-100000@fledge.watson.org> In-Reply-To: <199804161328.OAA02264@indigo.ie>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, 16 Apr 1998, Niall Smart wrote: > On Apr 16, 10:13am, Philippe Regnauld wrote: > } Subject: Re: kernel permissions > > > Preventing things in the eventual (unproven) fear that > > they could be exploited in some way (not necessarily > > security) is, IMHO, "change for the sake of change". > > I'd call this "prudence". I'd call chmod 440 /kernel "over-prudence" > though. :) So, one possible concern might be for US residents that with developed IPsec code in ones kernel (including encryption), ones kernel might no longer be exportable :). We wouldn't want our users grabbing the kernel code to run on their own machine :). (I know, a stretch, but...) Robert N Watson ---- Carnegie Mellon University http://www.cmu.edu/ Trusted Information Systems http://www.tis.com/ SafePort Network Services http://www.safeport.com/ robert@fledge.watson.org http://www.watson.org/~robert/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.980416164229.14132A-100000>