Date: Fri, 8 Mar 2002 22:30:03 -0800 (PST) From: swear@blarg.net (Gary W. Swearingen) To: freebsd-doc@freebsd.org Subject: Re: docs/35686: blackhole(4) page seems to contradict itself in WARNING Message-ID: <200203090630.g296U3C43476@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
The following reply was made to PR docs/35686; it has been noted by GNATS.
From: swear@blarg.net (Gary W. Swearingen)
To: Dima Dorfman <dima@trit.org>
Cc: FreeBSD-gnats-submit@freebsd.org
Subject: Re: docs/35686: blackhole(4) page seems to contradict itself in WARNING
Date: 08 Mar 2002 22:24:51 -0800
Dima Dorfman <dima@trit.org> writes:
> "Gary W. Swearingen" <swear@blarg.net> wrote:
> > In order to create a highly secure system, ipfw(8) should be used
> > for protection, not the blackhole feature.
> >
> > This mechanism is not a substitute for securing a system. It should
> > be used together with other security mechanisms.
>
...
> Do you have any
> suggestions for a better wording?
No, since I don't know what it SHOULD be trying to say.
This is my best guess at what the above implies, but I doubt if it is
what it SHOULD imply:
In order to create a highly secure system, ipfw(8) should be used
for protection, not the blackhole feature. For a less-than-highly
secure system, use the blackhole feature with security mechanisms
other than ipfw(8). For an unsecure system use only the blackhole
feature (or nothing).
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-doc" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200203090630.g296U3C43476>