svn commit: r314036 - head/usr.sbin/bsdinstall/scripts
Allan Jude
allanjude at freebsd.org
Wed Feb 22 19:23:41 UTC 2017
On 2017-02-22 13:13, Conrad Meyer wrote:
> On Wed, Feb 22, 2017 at 10:05 AM, Slawa Olhovchenkov <slw at zxy.spb.ru> wrote:
>> On Wed, Feb 22, 2017 at 08:11:14AM -0800, Conrad Meyer wrote:
>>
>>> On Wed, Feb 22, 2017 at 3:23 AM, Joel Dahl <joel at vnode.se> wrote:
>>>> On Wed, Feb 22, 2017 at 07:56:52AM +0000, Bartłomiej Rutkowski wrote:
>>>>> I strongly believe we should, by default, ship as secured and hardened as
>>>>> possible in order to improve overall security of new users installations.
>>>>> Power users will and do change the OS as they please, they most likely
>>>>> don't use bsdinstall in first place, so they're not affected in any way.
>>>>
>>>> Sorry, I strongly disagree with that. I'm most likely a "power user" and I use
>>>> bsdinstall.
>>>
>>> Ditto. I'm also unfamiliar enough with the installer to trip on this
>>> kind of thing. Slawa's proposed "disable all" option would be fine.
>>
>> My english not enought fluent for more explicate proposal, from my
>> point most of this options do hardened in only limited cases, for
>> other cases same options do system more un-hardened by force working
>> as root. Some have unevident effects (/tmp cleaning, for example).
>
> Yep. I am not concerned about disabling sendmail or remote syslog by
> default, though.
>
>> For many users this options will be source of weird issuses (gdb don't
>> work? fucking ugly freebsd! migrate to linux).
>
> Yeah, I am concerned about this too. (Also: "ps doesn't work" would
> be a big newbie sysadmin headache.)
>
>> This is evil trend of enforcing weird solutions under the auspices of
>> 'my safety': airport security check, backgound check on every point,
>> lawfull intercept, block access to hardware management in safety
>> enviroment by 'leak ecnription'. I am enoght smart for self-sufficient
>> security risk assessment!
>>
>> Industry already have at some "hardened" BSD: OpenBSD and HardenedBSD.
>> Waht about market share?
>
> Best,
> Conrad
>
Yeah, a think a number of these options are good, but a bunch are no go.
I do not want something deleting my files from /tmp unexpectedly. TrueOS
has that on by default, and it has eaten useful files a few too many times.
Breaking gdb should NOT be on by default either.
For some of the others, having them on by default in bsdinstall might be
a good way to 'test' the features under a wider user load, before we
switch the defaults for the sysctls.
--
Allan Jude
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 834 bytes
Desc: OpenPGP digital signature
URL: <http://lists.freebsd.org/pipermail/svn-src-head/attachments/20170222/f00b8469/attachment.sig>
More information about the svn-src-head
mailing list