Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 11 Jul 2001 00:47:17 -0700
From:      "Ted Mittelstaedt" <tedm@toybox.placo.com>
To:        "Matt Dillon" <dillon@earth.backplane.com>, "Alfred Perlstein" <bright@sneakerz.org>
Cc:        "Robert E. Lee" <rel@gulbransen.com>, "Dag-Erling Smorgrav" <des@ofug.org>, <js43064n@pace.edu>, <freebsd-security@FreeBSD.ORG>
Subject:   RE: Kernel Panic
Message-ID:  <000001c109dd$b5342380$1401a8c0@tedm.placo.com>
In-Reply-To: <200107110605.f6B657X24415@earth.backplane.com>

Next in thread | Previous in thread | Raw E-Mail | Index | Archive | Help
>-----Original Message-----
>From: Matt Dillon [mailto:dillon@earth.backplane.com]
>Sent: Tuesday, July 10, 2001 11:05 PM
>To: Alfred Perlstein
>Cc: Robert E. Lee; Dag-Erling Smorgrav; Ted Mittelstaedt;
>js43064n@pace.edu; freebsd-security@FreeBSD.ORG
>Subject: Re: Kernel Panic
>
>
>
>:* Robert E. Lee <rel@gulbransen.com> [010710 22:54] wrote:
>:> On 24 Jun 2001, Dag-Erling Smorgrav wrote:
>:> > "Ted Mittelstaedt" <tedm@toybox.placo.com> writes:
>:> > A disk error would not crash the system.  Please stop spouting
>:> > unfounded (though highly imaginative) bullshit.
>:>

Matt - I'm rather pissed off to see this because I didn't say that and your
cutting and pasting makes it look like I did.  If you go back to the
original mail in question you will find that Dag-Erling Smorgrav
(des@ofug.org) is the one that wrote that.  I in fact responded and
said:

"I didn't say "disk error" I said "disk system" and I made a
particular point in the first message of saying that such an
error is most likely due to a combination of problems with the
motherboard and disk.  And YES, a disk subsystem error CAN crash
the system in fact not only crash it but completely garbage
the filesystem in the process."

Please be more careful quoting in the future.

As far as the rest of your message I agree with it completely, as you
say the fix is proper system admining, not a bunch of additional code
that may or may not work the way you think you want it to.  After all
shell access on a production multiuser system with a lot of users depending
on it is a privilege, not a right these days.  While building a shell
script that will crash the system is an interesting academic exercise,
I hardly think that it's really applicable to 99% of the sites out there.

Such code may have applicability in the "college campus" situation
where you have a lot of hostile users, but as I keep pointing out to
the academics that build these security contraptions, In The Real World
most administrators find that the threat of criminal prosecution is
far more effective at deterring this kind of greasy kids stuff on
corporate networks than an elaborate security system.


Ted Mittelstaedt                                       tedm@toybox.placo.com
Author of:                           The FreeBSD Corporate Networker's Guide
Book website:                          http://www.freebsd-corp-net-guide.com



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message




Want to link to this message? Use this URL: <http://docs.FreeBSD.org/cgi/mid.cgi?000001c109dd$b5342380$1401a8c0>