svn commit: r314036 - head/usr.sbin/bsdinstall/scripts

Ngie Cooper yaneurabeya at gmail.com
Wed Feb 22 22:46:15 UTC 2017


On Wed, Feb 22, 2017 at 12:26 PM, Bryan Drewery <bdrewery at freebsd.org> wrote:
...
> I concur.
> In the original review for adding this I predicted today would come,
> https://reviews.freebsd.org/D6826.  I still think that it is very
> under-designed and under-thought out.
>
> I personally agree with hardening my system, but I have a number of
> issues with this approach:
>
> 1. It makes *1 installation* method do hardening, while every other
> installation method, and *upgrade* methods do not do hardening.  So someone
> upgrading from 11.0 to 12.0 won't get hardening, but someone installing
> from bsdinstall for 12.0 fresh will get it.  There should not be a
> distinction between our installation/upgrade methods like this.
>
> 2. It ignores that FreeBSD is a *generic Operating System* that serves
> many workflows.  Developers want all of this off, System Administrators
> want all of it on, and Desktop users may want a compromise of half of it
> to allow various drivers to work (not pointing at any specific sysctl
> right now).
>
> I think what is really needed is a system profile that lets you pick the
> workflow you are going to use the system for, and then set some
> reasonable defaults from there.  We will never all agree on the same
> defaults because we all are using the systems differently, but we can
> find some compromise if we make Use Cases, such as a System Profile
> would entail.
>
> I too would like to see this backed out.

(Piggybacking on this thread) Silly question -- can all of these knobs
please default to off and have a global knob, like securelevel..? Fine-
grained security is great, but it's really cumbersome tweaking
everything properly if you don't need a set property. Otherwise we end
up with similar complexity to Windows Group Policies (which is good,
but also hell to wade through and thus requires MSDNAA training).
Thanks,
-Ngie

