Date: Fri, 17 Apr 1998 00:54:08 -0400 From: Matthew Hunt <mph@pobox.com> To: dima@best.net Cc: stable@FreeBSD.ORG, freebsd-security@FreeBSD.ORG Subject: Re: kernel permissions Message-ID: <19980417005408.08278@mph124.rh.psu.edu> In-Reply-To: <199804170340.UAA12029@burka.rdy.com>; from Dima Ruban on Thu, Apr 16, 1998 at 08:40:22PM -0700 References: <E0yQ0zz-000653-00@set.spradley.tmi.net> <199804170340.UAA12029@burka.rdy.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, Apr 16, 1998 at 08:40:22PM -0700, Dima Ruban wrote: > 1. Debugging symbols and symbol table - user doesn't need that. > 2. Possible kernel configuration - questionable. > 3. Kernel namelist - user doesn't need that. > 4. Kernel copy with possible commercial stuff - user doesn't need that. > 5. Kernel copy with possible restricted/crypto - user doesn't need that. My complaint, and I think the general complaint of people disagreeing with you, is that you are not setting policy at your site, you are setting policy on all FreeBSD boxes, as-shipped. Why are you in a position to decide what users, at thousands of sites besides your own, do or do not need to know? Many of the arguments you have made could be applied to making /bin/ls mode 111 as well, since nobody *needs* to look at that. There is a heritage, or intertia, that says we should keep things like they are, unless there is a clear reason to do otherwise. You, therefore, are the one in the position to justify the change, and it does not seem to me like you have done so. My $0.02. -- Matthew Hunt <mph@pobox.com> * Stay close to the Vorlon. http://mph124.rh.psu.edu/~mph/pgp.key for PGP public key 0x67203349. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19980417005408.08278>