Date: Fri, 28 Aug 1998 23:29:23 -0700 (PDT) From: scex <scex@dqc.org> To: "Jan B. Koum " <jkb@best.com> Cc: "Jeffrey J. Mountin" <jeff-ml@mountin.net>, security@FreeBSD.ORG Subject: Re: Shell history Message-ID: <Pine.BSF.4.02.9808282319460.4260-100000@dqc.org> In-Reply-To: <Pine.BSF.4.02A.9808282239160.19658-100000@shell6.ba.best.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> Hmm.. you are right, but what will stop an attacker who has > freebsd box or has access to one to download the binary? nothing at all, & this can explain why so many people are getting 'hacked'.. lower irreversible security, ie less limitations on what you can do on the system to 'muck around' once you've owned a box. securelevels should be & will be when finally developed properly barriers on what you can do with a unix/whatever system. if o/s's ship out of the box secure, in this case by segmenting priveledge very thoroughly, there will be "less to hack", & so disregard our development as thinking human beings. or maybe i've had 8 cones too many. anyway, as we can see from this little venture, you have to do better than just stop people copying their own shell or making their own shell if you want full 'big brother' ie sniffing/spying/monitoring whatever, ways of doing this being trusted path execution & so on. i'm kinda confused now so i'll just go chill on irc for a while, come back & see if any of that made sense... (; scex To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.02.9808282319460.4260-100000>