Date: Sun, 14 Jul 2002 12:35:09 -0400 (EDT)
From: Robert Watson <rwatson@FreeBSD.ORG>
To: Luigi Rizzo <luigi@FreeBSD.ORG>
Cc: Giorgos Keramidas <keramida@FreeBSD.ORG>, cvs-committers@FreeBSD.ORG, cvs-all@FreeBSD.ORG
Subject: Re: cvs commit: src/usr.bin/talk display.c talk.1 talk.c
Message-ID: <Pine.NEB.3.96L.1020714123332.25880E-100000@fledge.watson.org>
In-Reply-To: <20020714093012.D74633@iguana.icir.org>

On Sun, 14 Jul 2002, Luigi Rizzo wrote:

> On Sun, Jul 14, 2002 at 12:14:35PM -0400, Robert Watson wrote:
> ...
> > FreeBSD 5.0-CURRENT supports 'security.bsd.bsd_see_other_uids' which
> > limits the flow of inter-user information. Try setting it to 0 sometime.
>
> ok, i also learned that there is a similar option under -stable (with a
> different name of course :) ), but the problem is that both default to 1
> ("we live in a nice world")

The setting in -STABLE doesn't limit procfs or socket information sharing,
and so isn't a complete solution. In fact, it was recently posted to
bugtraq for having its documented behavior (which seemed a bit weak to
me). The -CURRENT solution is much more comprehensive.

> I'd suggest setting the default to 0 in -current, also to give some time
> to realize how much breakage this could cause in users' scripts and the
> like.

This was discussed at one point, and my impression was that people didn't
like the idea. The MAC module implementing the same behavior actually
supports a notion of exemption, so if we were to default it to on, a
recent behavior would be to exempt members of the operator group.

Robert N M Watson             FreeBSD Core Team, TrustedBSD Projects
robert@fledge.watson.org      Network Associates Laboratories

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message