From owner-freebsd-hackers  Tue Apr 23 11: 7:59 2002
Delivered-To: freebsd-hackers@freebsd.org
Received: from scaup.prod.itd.earthlink.net (scaup.mail.pas.earthlink.net [207.217.120.49])
	by hub.freebsd.org (Postfix) with ESMTP
	id 5FDB137B41A; Tue, 23 Apr 2002 11:07:51 -0700 (PDT)
Received: from pool0547.cvx22-bradley.dialup.earthlink.net ([209.179.200.37] helo=mindspring.com)
	by scaup.prod.itd.earthlink.net with esmtp (Exim 3.33 #2)
	id 1704hh-0005bD-00; Tue, 23 Apr 2002 11:07:50 -0700
Message-ID: <3CC5A2D9.D9FB84A3@mindspring.com>
Date: Tue, 23 Apr 2002 11:07:21 -0700
From: Terry Lambert <tlambert2@mindspring.com>
X-Mailer: Mozilla 4.7 [en]C-CCK-MCD {Sony}  (Win98; U)
X-Accept-Language: en
MIME-Version: 1.0
To: Robert Watson <rwatson@FreeBSD.org>
Cc: Greg 'groggy' Lehey <grog@FreeBSD.org>,
	Jordan Hubbard <jkh@winston.freebsd.org>,
	Oscar Bonilla <obonilla@galileo.edu>,
	Anthony Schneider <aschneid@mail.slc.edu>,
	Mike Meyer <mwm-dated-1019955884.8b118e@mired.org>,
	hackers@FreeBSD.org
Subject: Re: Security through obscurity? (was: ssh + compiled-in SKEY support 
 considered harmful?)
References: <Pine.NEB.3.96L.1020423110123.64976j-100000@fledge.watson.org>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-hackers@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-hackers.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-hackers>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-hackers>
X-Loop: FreeBSD.ORG

Robert Watson wrote:
> A more conservative default configuration results in a material
> improvement in system security.

I really don't think there's any way to fully protect a
security-unconscious user, as if they had spent the time to
learn what was necessary, and chosen the right settings for
their site.  Nothing can replace a system administrator who
knows which end is up.

I think that trying to do this is doomed to failure, in that
it will engender a false sense of security which is, in many
cases, unwarranted and dangerous.  This is particularly true
for FreeBSD, where the first thing anyone ever does with the
system is install packages/ports which may themselves have
undocumented security vulnerabilities (or even documented ones
for which the documentation is ignored).

This is particularly true when the system is running X11, as
the system *never* *only* runs X11, but instead has all sorts
of clients installed, as well, and generally a significant set
of unaudited software, such as KDE, which you can attack via
CORBA much easier than you could ever hope to directly attack
an X11 server, whose defaults already do not permit remote
connections through intrinsic access controls in the server
("xhost", et. al.).

-- Terry

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message