From owner-freebsd-security Mon Jun 15 03:53:47 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id DAA16290 for freebsd-security-outgoing; Mon, 15 Jun 1998 03:53:47 -0700 (PDT) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from cheops.anu.edu.au (avalon@cheops.anu.edu.au [150.203.76.24]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id DAA16267 for ; Mon, 15 Jun 1998 03:53:40 -0700 (PDT) (envelope-from avalon@coombs.anu.edu.au) Message-Id: <199806151053.DAA16267@hub.freebsd.org> Received: by cheops.anu.edu.au (1.37.109.16/16.2) id AA067588005; Mon, 15 Jun 1998 20:53:25 +1000 From: Darren Reed Subject: Re: bsd securelevels... To: angelos@dsl.cis.upenn.edu (Angelos D. Keromytis) Date: Mon, 15 Jun 1998 20:53:24 +1000 (EST) Cc: security@FreeBSD.ORG In-Reply-To: <199806142322.TAA26158@adk.gr> from "Angelos D. Keromytis" at Jun 14, 98 07:16:49 pm X-Mailer: ELM [version 2.4 PL23] Content-Type: text Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org In some mail from Angelos D. Keromytis, sie said: > > -----BEGIN PGP SIGNED MESSAGE----- > > To: security@freebsd.org > Subject: Re: bsd securelevels... > Cc: > Date: 06/14/98, 19:16:47 > > > > 1) do they noticably improve security? 2) can we replace them with > > something better? The answer to both questions is yes. > > The answer to (1) is yes only as long as people are using > securelevels. My feeling is that pretty much noone is using them, > because they are viewed (rightfully, IMO) as being both too twisted > and not secure enough to justify setting them. I imagine any firewall running FreeBSD has it set to > 0... To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe security" in the body of the message