From owner-freebsd-stable  Wed Apr 15 22:12:05 1998
Return-Path: <owner-freebsd-stable@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id WAA07489
          for freebsd-stable-outgoing; Wed, 15 Apr 1998 22:12:05 -0700 (PDT)
          (envelope-from owner-freebsd-stable@FreeBSD.ORG)
Received: from burka.rdy.com (dima@burka.rdy.com [205.149.163.30])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id WAA07357;
          Wed, 15 Apr 1998 22:11:54 -0700 (PDT)
          (envelope-from dima@burka.rdy.com)
Received: by burka.rdy.com id WAA03453;
  (8.8.8/RDY) Wed, 15 Apr 1998 22:11:29 -0700 (PDT)
Message-Id: <199804160511.WAA03453@burka.rdy.com>
Subject: Re: kernel permissions
In-Reply-To: <E0yPgmY-0004v7-00@set.spradley.tmi.net> from Ted Spradley at "Apr 16, 98 00:00:17 am"
To: tsprad@set.spradley.tmi.net (Ted Spradley)
Date: Wed, 15 Apr 1998 22:11:28 -0700 (PDT)
Cc: dima@best.net, louie@TransSys.COM, trost@cloud.rain.com,
        stable@FreeBSD.ORG, freebsd-security@FreeBSD.ORG
X-Class: Fast
Organization: HackerDome
Reply-To: dima@best.net
From: dima@best.net (Dima Ruban)
X-Mailer: ELM [version 2.4ME+ PL38 (25)]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-stable@FreeBSD.ORG
Precedence: bulk

Ted Spradley writes:
> 
> > > By this reasoning, there's no point in removing read permission either.
> > 
> > Of course there is. Because user doesn't need to have this information.
> 
> Is this what your argument boils down to -- *Your* users don't have a 
> 'Need to Know' (to use the Pentagon expression).  Maybe I prefer to 
> encourage my users to learn as much as they will about the system.  Maybe 
> I take a very negative attitude about keeping any information secret, so 
> I consider long and hard before I remove read permission for anybody from 
> any information.  Maybe that's why I use a system that has freely 
> available source code.

Okay. Here's an example. Ever hear of a commertially available drivers?
When you install such stuff, you don't want somebody to be able to read
them, or have a copy of kernel with them. Why? Because you did pay for them
and whoever wants to have an access - didnt.

Normal users *do not need* to have an read acces to the kernel.
They simply don't.

Do you need any other examples?

What's the deal with arguing on such a simply issue?

> 
> 

-- dima

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message