From owner-freebsd-security  Fri Apr 17 11:41:26 1998
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id LAA26277
          for freebsd-security-outgoing; Fri, 17 Apr 1998 11:41:26 -0700 (PDT)
          (envelope-from owner-freebsd-security@FreeBSD.ORG)
Received: from mph124.rh.psu.edu (mph@MPH124.rh.psu.edu [128.118.126.83])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id SAA26147;
          Fri, 17 Apr 1998 18:40:58 GMT
          (envelope-from mph@mph124.rh.psu.edu)
Received: (from mph@localhost)
	by mph124.rh.psu.edu (8.8.8/8.8.8) id OAA25457;
	Fri, 17 Apr 1998 14:40:48 -0400 (EDT)
	(envelope-from mph)
Message-ID: <19980417144046.41055@mph124.rh.psu.edu>
Date: Fri, 17 Apr 1998 14:40:46 -0400
From: Matthew Hunt <mph@pobox.com>
To: "Matthew N. Dodd" <winter@jurai.net>
Cc: dima@best.net, stable@FreeBSD.ORG, freebsd-security@FreeBSD.ORG
Subject: Re: kernel permissions
Mail-Followup-To: "Matthew N. Dodd" <winter@jurai.net>, dima@best.net,
	stable@FreeBSD.ORG, freebsd-security@FreeBSD.ORG
References: <19980417005408.08278@mph124.rh.psu.edu> <Pine.BSF.3.96.980417140750.523e-100000@sasami.jurai.net>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Mailer: Mutt 0.89i
In-Reply-To: <Pine.BSF.3.96.980417140750.523e-100000@sasami.jurai.net>; from Matthew N. Dodd on Fri, Apr 17, 1998 at 02:09:55PM -0400
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk

On Fri, Apr 17, 1998 at 02:09:55PM -0400, Matthew N. Dodd wrote:

> Look at /etc/login.conf.  If that doesn't set policy for the entire set of
> all FreeBSD boxes I don't know what does.  Why you didn't fuss about that
> as much when it went in I'm not sure.

(I think this discussion is out of proportion, so I will just address
these issues and be done with it.)

Two reasons:

	(a) login.conf resources limits address a genuine security
	issue, that of DoS attacks by resource exhaustion.  I cannot
	see how reading the kernel can possibly be a security problem
	in and of itself.

	(b) I can change login.conf on my machine, and it will stay
	changed.  If Makefile.i386 changes, changes I make will be
	destroyed by cvsup, so I have to change the Makefile whenever
	I build a kernel, or change the permissions right after
	"make install".

> I detect an 'information wants to be free' additude though.  Maybe its
> just me...

Yes, that's exactly it.  I do not agree with hiding information
unnecessarily.  The belief that this change improves security seems
like a "security by obscurity" approach.

Hope this clarifies my opinions.

-- 
Matthew Hunt <mph@pobox.com> * Stay close to the Vorlon.
http://mph124.rh.psu.edu/~mph/pgp.key for PGP public key 0x67203349.

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe security" in the body of the message