Date: Thu, 12 Dec 1996 17:23:10 -0500 () From: Bradley Dunn <bradley@dunn.org> To: Garrett Wollman <wollman@lcs.mit.edu> Cc: freebsd-security@freebsd.org Subject: Re: Risk of having bpf0? (was URGENT: Packet sniffer found on my system) Message-ID: <Pine.WNT.3.95.961212171949.-3823323I-100000@swoosh.dunn.org> In-Reply-To: <9612121458.AA24275@halloran-eldar.lcs.mit.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, 12 Dec 1996, Garrett Wollman wrote: > Not if you run at security level 2, make all the files in /bin, /sbin, You mean level 1, right? At level 2 it would be difficult to explain to users why they can't upload their web pages. :-) > /usr/bin, and /usr/sbin, and some of the files in /etc and / system > immutable, and make all those directories plus / and /dev system > append-only. If you're running a public-access shell system, you most > certainly should do just that. (It's a big hassle for ordinary users, > which is why we don't ship systems that way.) -BD
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.WNT.3.95.961212171949.-3823323I-100000>