Date: Wed, 10 Oct 2001 16:46:48 -0400 (EDT) From: Robert Watson <rwatson@FreeBSD.org> To: arch@FreeBSD.org Cc: Dag-Erling Smorgrav <des@ofug.org> Subject: Re: cvs commit: src/sys/kern kern_proc.c kern_prot.c uipc_socket.c uipc_usrreq.c src/sys/netinet raw_ip.c tcp_subr.c udp_usrreq.c Message-ID: <Pine.NEB.3.96L.1011010162119.58824C-100000@fledge.watson.org> In-Reply-To: <20011010101053.A9313@dragon.nuxi.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 10 Oct 2001, David O'Brien wrote: > On Wed, Oct 10, 2001 at 11:56:57AM -0400, Garrett Wollman wrote: > > <<On 10 Oct 2001 17:53:16 +0200, Dag-Erling Smorgrav <des@ofug.org> said: > > > > > Unless you can provide an argument showing that this is necessary to > > > the correct operation of a FreeBSD system, I'll simply ignore your > > > contribution to this discussion. > > > > And I'll simply ignore your ``contribution'' as well, if that's how > > you feel about it. > > > > You asked ``would people mind a lot''. I answered the question: yes, > > people would mind a great deal. The process table is *public > > information*, and has always been so in the entire history of UNIX. > > You are proposing a totally unacceptable POLA violation. > > I agree. It would be POLA. Put something in /etc/rc* that sets it to > `0' if a high SECURE_LEVEL is set, if you like. Otherwise, leave Unix > alone. The proper solution may simply be to use /etc/sysctl.conf, and possibly to teach sysinstall how to read/edit the file properly, as well as the meanings of some popular values. Robert N M Watson FreeBSD Core Team, TrustedBSD Project robert@fledge.watson.org NAI Labs, Safeport Network Services To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.NEB.3.96L.1011010162119.58824C-100000>