From nobody Thu Feb 16 08:28:38 2023 X-Original-To: freebsd-arch@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4PHSlD6hb3z3pMS1 for ; Thu, 16 Feb 2023 08:28:40 +0000 (UTC) (envelope-from gbe@freebsd.org) Received: from smtp.freebsd.org (smtp.freebsd.org [96.47.72.83]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "smtp.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4PHSlD6Dtrz3P6M; Thu, 16 Feb 2023 08:28:40 +0000 (UTC) (envelope-from gbe@freebsd.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1676536120; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=hsq9ofFUSrv430Ij/f/gUK2OoDYJNI9tiERHkDtAVA8=; b=sX1cseRVv/DlGf+ZUw93svozt/3OimZE2DIPYmEI2W5UlxCBrbqcNhOG+fBNghbZdgGTwO NH027+Z9pjL8RLEWP2FLuJCJLHwIp5RdmAM8XKawjAMQrDn5oIFcgvudM0vaDwwRH2GEZL hxqy8fuwkqMSgbLY629KlX81m/aPnyAaDblA76CeUH5lir3vJas41Bu6FIa6AQhqJEAcL9 VTPXPq/qIsJjEpKlCMJCOFg6lRfy/ImEbgCDpBqJuOabzesOSSRW6+Tp/+2TaMPpYLVU7E Vh+kT74O1KWklnnYfudSYKMPEeNrmo9H9Ws2jhOChfgXqyG5he0oAOwua08UzQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1676536120; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=hsq9ofFUSrv430Ij/f/gUK2OoDYJNI9tiERHkDtAVA8=; b=yu7cstBE3dVPZyUPpxoRQkF3XuwMVhb0peohP2E2cJsOLJRxafo4fbivE3EXV2lYYWC1Gp uuvO4bzF9HPQY9m/V6Sb7xZ0GQwohTxPbUA3kzyc3cIoTW5i0y9qgZNK0JabpNkZ+t+2LJ yVjIwtXjgTIoeLjoI6HMNeVjcG3vScC0e/7pESqUEoDG56XEZcd9RBktB2stijW8sC5jt2 JYu3YcE5T2C8NOHcbBVVqXS4TS22MJcclhstyRpW2YsArAXJciQV2Yzt61trYcUacMTBFm laSqZ/Sw2enjL3KmF0maiYzFGGkl5mmsj1YS8w5oO8rQdNHLX9jCcBUwNUsOEA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1676536120; a=rsa-sha256; cv=none; b=qoup4usS2yscAaajxnhYXVEj7vKYsJFS6v0WtUL6As8C5eNN95Ab7Z9RTOc7WKlHeCt+WG DsDHvt/lpXU3Ve2MREfEGKvoBostuzOKvj8Q5SakT8v+3ZmgwoHEsp0rD7q77Ri/URWQgc eVhw6Kl/7KYh/nPVKCKBkiaPmyOCoV+wJdq9zQdtOrrK9vIul/2xdrnVZpkCcx2m8W+tZb I3N6xvyMx82kXTFsLsrN07IRWZQtDdQHn0RFy0buwrXA+ocDL/A3tbV4GIHHveGKAmDkln kQEEsEHdEoVW/YHrHCHWTuMIx4CcqxFLhVTMx/VekTuovyWQWpNATnG9HpP/RA== Received: from localhost (p200300cb871a694eb5fedb6a75c132cd.dip0.t-ipconnect.de [IPv6:2003:cb:871a:694e:b5fe:db6a:75c1:32cd]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) (Authenticated sender: gbe) by smtp.freebsd.org (Postfix) with ESMTPSA id 4PHSlD2Zw3z1RLL; Thu, 16 Feb 2023 08:28:40 +0000 (UTC) (envelope-from gbe@freebsd.org) Date: Thu, 16 Feb 2023 09:28:38 +0100 From: Gordon Bergling To: Colin Percival Cc: freebsd-arch@freebsd.org Subject: Re: RFC: Removing WITHOUT_CAPSICUM and WITHOUT_CASPER from 14.x Message-ID: References: <01000186589237d9-6c480554-3d01-405a-9f7a-81e96ae2a395-000000@email.amazonses.com> List-Id: Discussion related to FreeBSD architecture List-Archive: https://lists.freebsd.org/archives/freebsd-arch List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-arch@freebsd.org MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="muXi3RvwTHNSc94g" Content-Disposition: inline In-Reply-To: <01000186589237d9-6c480554-3d01-405a-9f7a-81e96ae2a395-000000@email.amazonses.com> X-Url: X-Operating-System: FreeBSD 13.2-STABLE amd64 X-Host-Uptime: 9:25AM up 15:46, 2 users, load averages: 0.47, 0.33, 0.26 X-ThisMailContainsUnwantedMimeParts: N --muXi3RvwTHNSc94g Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Hi Colin, On Thu, Feb 16, 2023 at 04:53:43AM +0000, Colin Percival wrote: > Hi FreeBSD architects, >=20 > I'd like to remove WITHOUT_CAPSICUM and WITHOUT_CASPER for FreeBSD 14.x. >=20 > The rationale for this is threefold: >=20 > 1. They doesn't serve any useful purpose and merely weakens security; >=20 > 2. They're an anomaly among WITH/WITHOUT options -- most WITHOUT_* options > take the form "don't build/install " rather than having > effects across the entire tree. >=20 > 3. They're a pain for release engineering, because approximately nobody e= ver > tests FreeBSD with WITHOUT_CAPSICUM or WITHOUT_CASPER set, but they're the > sort of option which can easily break the build due to having affects all > over the tree. >=20 > If nobody objects, my plan is to get rid of the WITHOUT_ build options fi= rst > and leave MK_{CAPSICUM,CASPER} set unconditionally to "yes"; then sweep t= he > tree (mostly a matter of running unifdef) after 14.x is branched. I would think that this a good idea, besides from the release engineering p= oint of view I can't think about a business case where security measures should = be disabled. --Gordon --muXi3RvwTHNSc94g Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQGTBAEBCgB9FiEEYbWI0KY5X7yH/Fy4OQX2V8rP09wFAmPt6SxfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYx QjU4OEQwQTYzOTVGQkM4N0ZDNUNCODM5MDVGNjU3Q0FDRkQzREMACgkQOQX2V8rP 09x8HggAtS99Oxwq+aJc7xbyFWPR12QaSzNU+ZHj0XcE/+pcsSP838lzjYJovlhO 36lRTz973HHfpNaoRc/gWADWiyNrqRxoqKBUvBK36UmwBLlpW5I65yaoXlIwg4HC JoRmGs8EqPV6+ENcfmc+G2ueoKFeBN/D3o0+OairSaYpqZ9ram9ezeghnowE0Db2 XYdUb2BhGqdyzZdapKfUFGLNmrVJmRVj4ibm1Cs4il+H/MZjfTV+F5HQjPJuYOzG hYt3juaLXuagwH6nqshmOz7nNmSu6cMcNFrZTpRwFqopwy13tkwLReLk9vH+j3iE gIgGrPAZdVdwCSEd5e5C83024KNcQQ== =HqYv -----END PGP SIGNATURE----- --muXi3RvwTHNSc94g--