Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 16 Sep 1999 12:02:39 +1000 (EST)
From:      Nicholas Brawn <ncb@zip.com.au>
To:        Brett Glass <brett@lariat.org>
Cc:        "Harry M. Leitzell" <Harry_M_Leitzell@cmu.edu>, security@FreeBSD.ORG
Subject:   Re: BPF on in 3.3-RC GENERIC kernel
Message-ID:  <Pine.LNX.4.10.9909161158470.31403-100000@zipperii.zip.com.au>
In-Reply-To: <4.2.0.58.19990915170025.048d0b00@localhost>

next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 15 Sep 1999, Brett Glass wrote:

> Maybe it's a religious issue, or maybe some utility depends on it.
> But it might not be a good idea to let it be on from the get-go.
> If the machine is rooted, you've got an instant packet sniffer.
> I plan to turn it off on EVERY install, and I sure wish it
> were that way to start.
>
> --Brett
>                                                                              

<sarcasm>
Yes, and let's include two kernels in the distribution. One for
those who want BPF, and one for those who don't.
</sarcasm>

Come on people, this issue is long past dead and buried. It is a simple
matter to [dis|enable] BPF in the kernel. Rather than arguing about the
default nature of such installs, why not promote user education about such
security issues.

Nick

--
Email: ncb@zip.com.au (or) nicholas.brawn@hushmail.com
Key fingerprint = 71C5 2EA8 903B 0BC4 8EEE  9122 7349 EADC 49C1 424E




To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.LNX.4.10.9909161158470.31403-100000>