From owner-freebsd-security  Fri Sep 17 19:21:37 1999
Delivered-To: freebsd-security@freebsd.org
Received: from lariat.lariat.org (lariat.lariat.org [206.100.185.2])
	by hub.freebsd.org (Postfix) with ESMTP id BFF14154A8
	for <security@FreeBSD.ORG>; Fri, 17 Sep 1999 19:21:34 -0700 (PDT)
	(envelope-from brett@lariat.org)
Received: from mustang (IDENT:ppp0.lariat.org@lariat.lariat.org [206.100.185.2])
	by lariat.lariat.org (8.9.3/8.9.3) with ESMTP id UAA17174;
	Fri, 17 Sep 1999 20:21:17 -0600 (MDT)
Message-Id: <4.2.0.58.19990917201820.046f09e0@localhost>
X-Sender: brett@localhost
X-Mailer: QUALCOMM Windows Eudora Pro Version 4.2.0.58 
Date: Fri, 17 Sep 1999 20:21:15 -0600
To: Matthew Dillon <dillon@apollo.backplane.com>,
	Warner Losh <imp@village.org>
From: Brett Glass <brett@lariat.org>
Subject: Re: BPF on in 3.3-RC GENERIC kernel 
Cc: Liam Slusser <liam@tiora.net>,
	Kenny Drobnack <kdrobnac@mission.mvnc.edu>,
	"Harry M. Leitzell" <Harry_M_Leitzell@cmu.edu>, security@FreeBSD.ORG
In-Reply-To: <199909172259.PAA55902@apollo.backplane.com>
References: <4.2.0.58.19990917160519.047cc890@localhost>
 <Your message of "Thu, 16 Sep 1999 18:54:24 MDT." <4.2.0.58.19990916185341.00aaf100@localhost>
 <4.2.0.58.19990916185341.00aaf100@localhost>
 <Pine.GSO.3.96.990916150427.5757E-100000@mission.mvnc.edu>
 <199909172208.QAA05554@harmony.village.org>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

At 03:59 PM 9/17/99 -0700, Matthew Dillon wrote:

>    Making a system reasonably secure does not equate to protecting root from
>     itself.  If someone has root, you've lost.  Period.  It doesn't matter
>     whether they can modify the system or not, you've still lost.

See my article at

http://boardwatch.internet.com/mag/98/dec/bwm62.html

regarding why this is ungood.

--Brett


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message