Date: Thu, 16 Sep 1999 15:06:53 -0400 (EDT) From: Kenny Drobnack <kdrobnac@mission.mvnc.edu> To: Brett Glass <brett@lariat.org> Cc: "Harry M. Leitzell" <Harry_M_Leitzell@cmu.edu>, security@FreeBSD.ORG Subject: Re: BPF on in 3.3-RC GENERIC kernel Message-ID: <Pine.GSO.3.96.990916150427.5757E-100000@mission.mvnc.edu> In-Reply-To: <4.2.0.58.19990915170025.048d0b00@localhost>
next in thread | previous in thread | raw e-mail | index | archive | help
How about this idea: from what I've seen and heard, the only things that
depend on BPF are tcpdump and dhcp. The average user does not need
tcpdump. So, if a user enables dhcp, BPF gets turned on, otherwise, it
will stay off. Of course, the only way I could think of to do this would
be to make BPF a loadable module. The problem with that is, someone
running as root could just load up the module anyway...
> Maybe it's a religious issue, or maybe some utility depends on it.
> But it might not be a good idea to let it be on from the get-go.
> If the machine is rooted, you've got an instant packet sniffer.
> I plan to turn it off on EVERY install, and I sure wish it
> were that way to start.
-----
We are now the Knights who say...
"Ekki-Ekki-Ekki-Ekki-PTANG! Zoom-Boing! Z'nourrwringmm!"
-the Knights who formerly said "ni" "Monty Python and the Holy Grail"
----
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.GSO.3.96.990916150427.5757E-100000>