Date: Thu, 27 Jul 2000 23:14:27 +0930 (CST) From: "Daniel O'Connor" <darius@dons.net.au> To: "Jacques A. Vidrine" <n@nectar.com> Cc: arch@freebsd.org, John Polstra <jdp@polstra.com>, Neil Blakey-Milner <nbm@mithrandr.moria.org> Subject: Re: How much security should ldconfig enforce? Message-ID: <XFMail.000727231427.darius@dons.net.au> In-Reply-To: <20000727083920.A9036@hamlet.nectar.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On 27-Jul-00 Jacques A. Vidrine wrote: > On Thu, Jul 27, 2000 at 02:52:47PM +0200, Neil Blakey-Milner wrote: >> You expect someone to check out sources and recompile the program to >> make it secure when you can instead use a command line option? > No, I expect by default that it be built in secure mode. > > I expect that if someone wants to shoot herself in the foot, she can > twiddle make.conf and rebuild from source to disable this option. If the default behaviour is safe (ie by default it checks permissions) then I don't see that it is necessary to make it a build time option. If you are playing with options you don't understand then you're asking for trouble :) --- Daniel O'Connor software and network engineer for Genesis Software - http://www.gsoft.com.au "The nice thing about standards is that there are so many of them to choose from." -- Andrew Tanenbaum To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?XFMail.000727231427.darius>