Date: Thu, 16 Sep 1999 16:14:52 -0700 (PDT) From: Liam Slusser <liam@tiora.net> To: Kenny Drobnack <kdrobnac@mission.mvnc.edu> Cc: Brett Glass <brett@lariat.org>, "Harry M. Leitzell" <Harry_M_Leitzell@cmu.edu>, security@FreeBSD.ORG Subject: Re: BPF on in 3.3-RC GENERIC kernel Message-ID: <Pine.GSO.4.05.9909161559330.6933-100000@kinetic.tiora.net> In-Reply-To: <Pine.GSO.3.96.990916150427.5757E-100000@mission.mvnc.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
Right...but if the system was hacked what would stop the hacker from building BPF in a kernel? It does not matter if you have it in the kernel or not..if a hacker wants it..it does not take alot of work to add it. And anyways...if you don't like it..you could always *build* your own kernel without BPF. ;) liam System Administrator Tiora Networks | www.tiora.net <---- tiora's webpage www.tiora.net/~liam <----- homepage | liam@tiora.net <-- my email address Lowered turbo powered Honda Civic's are really cool. <---------- my quote On Thu, 16 Sep 1999, Kenny Drobnack wrote: > How about this idea: from what I've seen and heard, the only things that > depend on BPF are tcpdump and dhcp. The average user does not need > tcpdump. So, if a user enables dhcp, BPF gets turned on, otherwise, it > will stay off. Of course, the only way I could think of to do this would > be to make BPF a loadable module. The problem with that is, someone > running as root could just load up the module anyway... > > > > Maybe it's a religious issue, or maybe some utility depends on it. > > But it might not be a good idea to let it be on from the get-go. > > If the machine is rooted, you've got an instant packet sniffer. > > I plan to turn it off on EVERY install, and I sure wish it > > were that way to start. > > ----- > We are now the Knights who say... > "Ekki-Ekki-Ekki-Ekki-PTANG! Zoom-Boing! Z'nourrwringmm!" > -the Knights who formerly said "ni" "Monty Python and the Holy Grail" > ---- > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.GSO.4.05.9909161559330.6933-100000>