From owner-freebsd-security Sun Jun 14 16:23:27 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id QAA25012 for freebsd-security-outgoing; Sun, 14 Jun 1998 16:23:27 -0700 (PDT) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from adk.gr (COREDUMP.CIS.UPENN.EDU [158.130.6.141]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id QAA25000 for ; Sun, 14 Jun 1998 16:23:18 -0700 (PDT) (envelope-from angelos@dsl.cis.upenn.edu) Received: from dsl.cis.upenn.edu ([198.223.41.41]) by adk.gr (8.8.8/8.8.5) with ESMTP id TAA26158 for ; Sun, 14 Jun 1998 19:22:47 -0400 (EDT) Message-Id: <199806142322.TAA26158@adk.gr> To: security@FreeBSD.ORG Subject: Re: bsd securelevels... Date: Sun, 14 Jun 1998 19:16:49 EDT From: "Angelos D. Keromytis" Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org -----BEGIN PGP SIGNED MESSAGE----- To: security@freebsd.org Subject: Re: bsd securelevels... Cc: Date: 06/14/98, 19:16:47 > 1) do they noticably improve security? 2) can we replace them with > something better? The answer to both questions is yes. The answer to (1) is yes only as long as people are using securelevels. My feeling is that pretty much noone is using them, because they are viewed (rightfully, IMO) as being both too twisted and not secure enough to justify setting them. I don't really care whether the patch goes in or not (it won't affect any system I am or will use anyway), so this is my last message on the subject. - -Angelos -----BEGIN PGP SIGNATURE----- Version: 2.6.3i Charset: noconv Comment: Processed by Mailcrypt 3.4, an Emacs/PGP interface iQCVAwUBNYRZ370pBjh2h1kFAQHgeQP9E77rghXfXWpRKwjNDroGr1Iak6Sl2m3r IGtbWwuXEBj8DwAOi7e2GdQij93eFUynkKplu72OJtcTcu1WDVSQpUnjUKHOmsLY KKJBY0SCo45iaVcKvtBuJX60d4WvhX54TKEqkO8H6qmi7CrhdfIO58PkUn74Q5r8 HvOngV1c7P8= =YOJ3 -----END PGP SIGNATURE----- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe security" in the body of the message