From owner-freebsd-security  Thu Dec 12 16:51:02 1996
Return-Path: <owner-security>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.4/8.8.4) id QAA27580
          for security-outgoing; Thu, 12 Dec 1996 16:51:02 -0800 (PST)
Received: from halloran-eldar.lcs.mit.edu (halloran-eldar.lcs.mit.edu [18.26.0.159])
          by freefall.freebsd.org (8.8.4/8.8.4) with SMTP id QAA27568
          for <freebsd-security@freebsd.org>; Thu, 12 Dec 1996 16:51:00 -0800 (PST)
Received: by halloran-eldar.lcs.mit.edu; (5.65v3.2/1.1.8.2/19Aug95-0530PM)
	id AA30153; Thu, 12 Dec 1996 19:50:53 -0500
Date: Thu, 12 Dec 1996 19:50:53 -0500
From: Garrett Wollman <wollman@lcs.mit.edu>
Message-Id: <9612130050.AA30153@halloran-eldar.lcs.mit.edu>
To: Bradley Dunn <bradley@dunn.org>
Cc: freebsd-security@freebsd.org
Subject: Re: Risk of having bpf0? (was URGENT: Packet sniffer found on my system) 
In-Reply-To: <Pine.WNT.3.95.961212171949.-3823323I-100000@swoosh.dunn.org>
References: <9612121458.AA24275@halloran-eldar.lcs.mit.edu>
	<Pine.WNT.3.95.961212171949.-3823323I-100000@swoosh.dunn.org>
Sender: owner-security@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

<<On Thu, 12 Dec 1996 17:23:10 -0500 (), Bradley Dunn <bradley@dunn.org> said:

> On Thu, 12 Dec 1996, Garrett Wollman wrote:
>> Not if you run at security level 2, make all the files in /bin, /sbin,

> You mean level 1, right? At level 2 it would be difficult to explain to
> users why they can't upload their web pages. :-)

No, I don't mean level 1, I mean level 2.  That has nothing to do with
users being able to upload their Web pages.

To tag back with the original subject, BPF should probably refuse to
work under high security level.

-GAWollman

--
Garrett A. Wollman   | O Siem / We are all family / O Siem / We're all the same
wollman@lcs.mit.edu  | O Siem / The fires of freedom 
Opinions not those of| Dance in the burning flame
MIT, LCS, ANA, or NSA|                     - Susan Aglukark and Chad Irschick