From owner-freebsd-security Mon Dec 21 15:03:06 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id PAA07121 for freebsd-security-outgoing; Mon, 21 Dec 1998 15:03:06 -0800 (PST) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from ns1.yes.no (ns1.yes.no [195.204.136.10]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id PAA07111; Mon, 21 Dec 1998 15:02:55 -0800 (PST) (envelope-from eivind@bitbox.follo.net) Received: from bitbox.follo.net (bitbox.follo.net [195.204.143.218]) by ns1.yes.no (8.9.1a/8.9.1) with ESMTP id AAA17262; Tue, 22 Dec 1998 00:02:43 +0100 (CET) Received: (from eivind@localhost) by bitbox.follo.net (8.8.8/8.8.6) id AAA16570; Tue, 22 Dec 1998 00:02:42 +0100 (MET) Message-ID: <19981222000242.H14124@follo.net> Date: Tue, 22 Dec 1998 00:02:42 +0100 From: Eivind Eklund To: Cliff Skolnick Cc: Matt Dillon , security@FreeBSD.ORG Subject: Re: cvs commit: src/etc rc.conf References: <19981221163532.G14124@follo.net> <000201be2d2c$0b94baa0$2020a8c0@icarus.internal.steam.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 0.93.2i In-Reply-To: <000201be2d2c$0b94baa0$2020a8c0@icarus.internal.steam.com>; from Cliff Skolnick on Mon, Dec 21, 1998 at 01:51:20PM -0800 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Mon, Dec 21, 1998 at 01:51:20PM -0800, Cliff Skolnick wrote: > This sandbox stuff is starting to worry me :( > > The more FreeBSD changes stock daemons used on many other UNIX systems the > harder it will be to respond to know bugs. For denial of service attacks > often the sandbox will not help, if the daemon dumps core or becomes > unusable it doesn't matter what UID it was. > > The sandbox changes a fundamental design of UNIX, and makes FreeBSD > "different" than other UNIX systems. The difference in the short term may > be more security, but in the long term FreeBSD daemons could become > hopelessly out of sync with standard daemon distributions over time. It's > one thing to change a few permissions and directory names, it's completely > different to start passing file descriptors (which is only mildly portable) > via a coprocess. We track BIND from Vixie. If we're going to do this sort of changes, we will at least attempt to get it integrated in the standard distribution. There will not be any large-scale patches that make it difficult to track the standard distribution. Eivind. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message