From owner-freebsd-chat Mon Nov 18 18:46:30 1996
Return-Path: owner-chat
Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id SAA08167 for chat-outgoing; Mon, 18 Nov 1996 18:46:30 -0800 (PST)
Received: from genesis.atrad.adelaide.edu.au (genesis.atrad.adelaide.edu.au [129.127.96.120]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id SAA08133 for ; Mon, 18 Nov 1996 18:46:20 -0800 (PST)
Received: (from msmith@localhost) by genesis.atrad.adelaide.edu.au (8.8.2/8.7.3) id NAA26051; Tue, 19 Nov 1996 13:15:16 +1030 (CST)
From: Michael Smith
Message-Id: <199611190245.NAA26051@genesis.atrad.adelaide.edu.au>
Subject: Re: BoS: Exploit for sendmail smtpd bug (ver. 8.7-8.8.2).
In-Reply-To: <199611180918.BAA15007@salsa.gv.ssi1.com> from Don Lewis at "Nov 18, 96 01:18:36 am"
To: Don.Lewis@tsc.tdk.com (Don Lewis)
Date: Tue, 19 Nov 1996 13:15:15 +1030 (CST)
Cc: chat@freebsd.org
X-Mailer: ELM [version 2.4ME+ PL28 (25)]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-chat@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

Don Lewis stands accused of saying:

> } Subject: Re: BoS: Exploit for sendmail smtpd bug (ver. 8.7-8.8.2).
> } (This has nothing to do with security. Moved to -chat where such drool
> } belongs)
>
> Actually, it is security related (see my response to (b)):

It's _not_ significantly security-related. Moved _back_.

> } a) You can fiddle 'make release' to do anything you want, after all, you
> } have the source, right?
>
> Yes, but it's a lot harder than I'd like.

Er, what _would_ you like? The BSD release schema is actually pretty good
by comparison with most systems this size.

> I'm doing this to make building firewall boxes easier. The kernel won't
> be GENERIC, it'll be a pre-configured ultra-paranoid kernel. There won't
> be any general user accounts. Administrative access will only be allowed
> from the console or via ssh from a trusted location. Most of userland will
> only be removed (especially setuid and setgid executables!), leaving only
> enough to boot the machine and launch the appropriate daemons that were
> precompiled and included in the release.

I can't see the benefit here. If the machine is compromised, then it hardly
matters whether the tools are there, or whether the intruder has to import
their own. (The latter is much more likely than the former anyway.)
Removing the build tools is a size issue; as a security concern it's a
complete no-op.

> And on more of a chat related note, there is a discussion going on
> over on the hardware list about using FreeBSD for routers. What if it
> was easier to build really tiny releases for such purposes? If they
> were small enough, you could get it to all fit on a floppy (sort of
> like the current install floppy) and you could build a router or
> other simple dedicated device without a hard disk at all. You'd
> still need a full FreeBSD box around to do development on, but this
> would allow you to deploy a number of really cheap FreeBSD boxes on
> your network as dedicated devices.

It should be relatively straightforward to produce such a build; I would
suggest that you start by looking at how the boot floppies are built, then
go sideways and make your minimal system up, and then use the
release-floppy techniques to build your router-floppy. I think that'd be
an excellent thing to have (it's been done before, but not maintained),
and well worth the effort.

> --- Truck

-- 
]] Mike Smith, Software Engineer                msmith@gsoft.com.au   [[
]] Genesis Software                             genesis@gsoft.com.au  [[
]] High-speed data acquisition and      (GSM mobile) 0411-222-496     [[
]] realtime instrument control.         (ph) +61-8-8267-3493          [[
]] Unix hardware collector.  "Where are your PEZ?" The Tick           [[