Date: Fri, 15 Sep 2000 19:15:04 -0400 From: Marcel Moolenaar <marcel@cup.hp.com> To: "Eric D. Futch" <efutch@nyct.net> Cc: Cy Schubert - ITSD Open Systems Group <Cy.Schubert@uumail.gov.bc.ca>, Daniel Eischen <eischen@vigrid.com>, Will Andrews <will@physics.purdue.edu>, Steve Kargl <sgk@troutmask.apl.washington.edu>, arch@FreeBSD.ORG Subject: Re: Rsh/Rlogin/Rcmd & friends Message-ID: <39C2AD78.F9AAD85C@cup.hp.com> References: <Pine.BSF.4.21.0009151745360.93892-100000@bsd1.nyct.net>
next in thread | previous in thread | raw e-mail | index | archive | help
"Eric D. Futch" wrote: > > >So what! That's the price of security. I believe that the > >telnet/ftp/"r" commands shouldn't even be ports. We need to make it > >difficult to install unsafe software on the system. That way the admin > >would have to go to all the trouble to find the source for unsafe > >software somewhere on the Net, port it, and install it. Then it's not > >FreeBSD's fault if that admin's system is compromised. > > > Then we can just call ourselves OpenBSD and be done with it :). We can do better than that: remove networking, consoles and the ability to run processes. As an optimization we can even avoid loading the kernel. Yep, that's the price of security :-) -- Marcel Moolenaar mail: marcel@cup.hp.com / marcel@FreeBSD.org tel: (408) 447-4222 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?39C2AD78.F9AAD85C>