Date: Sun, 12 Nov 2006 14:40:23 GMT From: Giorgos Keramidas <keramida@FreeBSD.org> To: freebsd-doc@FreeBSD.org Subject: Re: docs/104403: man security should mention that the usage of the X Window Systen is only possible with kern.securitylevel=-1 Message-ID: <200611121440.kACEeNCZ068771@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
The following reply was made to PR docs/104403; it has been noted by GNATS. From: Giorgos Keramidas <keramida@FreeBSD.org> To: Niclas Zeising <lothrandil@n00b.apagnu.se> Cc: bug-followup@FreeBSD.org Subject: Re: docs/104403: man security should mention that the usage of the X Window Systen is only possible with kern.securitylevel=-1 Date: Sun, 12 Nov 2006 15:29:27 +0100 On 2006-11-12 14:55, Niclas Zeising <lothrandil@n00b.apagnu.se> wrote: >Giorgos Keramidas wrote: >> I'm not sure. >> >> Should we also mention that you can't "installworld" with an elevated >> securelevel, because chflags may fail to work and cause problems? >> Should we also mention that not being able to change the firewall >> rules can be tricky, if you are testing your new firewall ruleset, >> and get locked out? >> >> There are *MANY* ways in which an elevated securelevel can turn >> around and bite you in the ass, but do we _really_ have to enumerate >> them all in mind-boggingly detail? ... in a single manpage? >> >> I really don't know. > > I believe they should be documented somewhere, to avoid questions. I believe a manpage is not the right place for long, detailed, filled with gory details explanation of all the possible scenarios that can go wrong. I mean, there are ways to destroy a system with rm(1) too, but we don't have a list of funny, albeit dangerous "rm -fr /" scenarios in that manpage too. This sort of stuff, in my opinion, belongs to a tutorial style guide, i.e. something like a "Mini Guide for Security on FreeBSD". A manpage should be written as a 'reference' guide, but that's only *my* point of view. > But you are right in that there are numerous consequences in raising > secure levels and that it might be a bit over the top to document them > all. Maybe I/we have to face the fact that it's too much and/or > unnecessary to document all consequences, and rely on that if a > sysadmin feels the need to raise the secure-level he knows what he's > doing and the consequences of doing so. Maybe the biggest issues in > raising secure-level should be mentioned, but then again, who decides > which those issues are? EXACTLY! Picking up what level of detail we want to appear in a manpage is not easy if we let all the details about all potentially harmful scenarios go in. But if we treat manpages as 'reference' material, then the field is much much more clear. For example, we don't document all the different ways that fgets(3) can be abused in its manpage. We don't document all the potentially stupid ways to use scanf(3) in its manpage either. What we *do* write about in most manpages is a `reference guide'. > Maybe it's best to leave the documentation regarding this as it is, > and give an answer whenever the issues pops up. Or we can expand, extend and clean up the ``Security'' chapter of the Handbook, which has the potential and the purpose of being a guide which matches both a `tutorial' and `reference' styles (depending on how complete and nicely written the relevant sections are, of course). - Giorgos
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200611121440.kACEeNCZ068771>