Date: Tue, 26 Nov 1996 11:09:59 -0600 (CST) From: Joe Greco <jgreco@brasil.moneng.mei.com> To: nik@blueberry.co.uk (Nik Clayton) Cc: hackers@freebsd.org Subject: Re: Replacing sendmail Message-ID: <199611261709.LAA17146@brasil.moneng.mei.com> In-Reply-To: <Mutt.19961126105227.nik@blueberry.co.uk> from "Nik Clayton" at Nov 26, 96 10:52:27 am
next in thread | previous in thread | raw e-mail | index | archive | help
> Joe Greco writes: > > Advantages: > > > > 1) Enhanced security through reduction of unnecessary setuid programs > > on a particular machine. > [...] > > x) Makes it very ease for those that want Perl/Tcl/foo in the 'base'[1] > system to have it, without bloating the system for those of us that > don't. > > N > > [1] Where 'base' is some notional component installed for novices, that > may, in fact, consist of more than one of the existing distributions. Actually, as a first pass, I would settle for having it by default and having a "paring knife" tool to remove it in places where I do not want it. I would like to see this eventually become a movement towards compartmentalization of the FreeBSD base system, just like SunOS/etc do. During install: Yes I want the compiler. No I don't want any of this UUCP or mail crud. No I don't want Perl and Tcl. Don't care about whether or not the rest of them are installed. Eventually it may turn out that we find out that various outside vendors "packages" such as Sendmail could be delivered as "pre-installed packages". So to do a Sendmail upgrade, all you do is pkg_rm sendmail cd /usr/ports/mta/sendmail make make install and it upgrades your Sendmail to the latest and greatest, no hassles. This is, of course, a ways off in terms of feasibility. But the ability to _manage_ portions of the base distribution is a very rough first pass at this. The beauty of this is the simplicity of the tool(s) required to provide the functionality described in an earlier message of mine. I am very much in favor of anything that can automate some of the things I do manually, anyways. ;-) And it would make it SOOOOOOOOOOOOO much easier to pay attention to security issues, with much less effort involved. ... JG
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199611261709.LAA17146>