FreeBSD Security in Multiuser Environments
Ian Smith
smithi at nimnet.asn.au
Mon Apr 2 08:00:35 UTC 2012
In freebsd-questions Digest, Vol 408, Issue 10, Message: 5
On Sat, 31 Mar 2012 21:05:00 +0700 Erich Dollansky <erichfreebsdlist at ovitrap.com> wrote:
> On Saturday 31 March 2012 20:26:14 Julian H. Stacey wrote:
[..]
> > Da Rock wrote:
> > > On 03/31/12 17:46, Julian H. Stacey wrote:
[..]
> > > > schultz at ime.usp.br wrote:
> > > >> Hello,
> > > >>
> > > >> I would like to raise a discussion about the security features
> > > >> of FreeBSD as a whole and how they might be employed to actually
> > > >> derive some meaningful guarantees.
> > > > We have a list specialy for freebsd-security at . Please use it.
I thought this to be sensible advice. Before seeing that I'd thought of
copying it to rwatson@ who I figured might take an interest due to his
involvement with Capsicum, acl(3) and such, but he certainly reads that
list anyway (and more than likely, not this one :)
> > > Hang on, hold the phone: The security list (specifically) is for
> > > security announcements. At least that what it said when I subscribed to
> > > it...
> >
> > Wrong.
Correct :)
> > For list of mail lists see:
> > http://lists.freebsd.org/mailman/listinfo
> >
> > Specifically:
> > freebsd-security at freebsd.org
> > http://lists.freebsd.org/mailman/listinfo/freebsd-security
> >
> > freebsd-security-notifications at freebsd.org
> > http://lists.freebsd.org/mailman/listinfo/freebsd-security-notifications
> this sounds very confusing for people who have simple question:
>
> 'General system administrator questions of an FAQ nature are
> off-topic for this list, but the creation and maintenance of a FAQ is
> on-topic. Thus, the submission of questions (with answers) for
> inclusion into the FAQ is welcome. Such question/answer sets should
> be clearly marked as (at least "FAQ submission") such in the subject.
> '
schultz' post was nothing in the way of an FAQ issue, but a request for
discussion of a wide range of system security issues, far indeed from a
'simple question'. Had you posted the two paragraphs before the one you
quote above, this may have been a little clearer. To wit:
"This is a technical discussion list covering FreeBSD security issues.
The intention is for the list to contain a high-signal, low-noise
discussion of issues affecting the security of FreeBSD.
"Welcome topics include Cryptography (as it relates to FreeBSD), OS bugs
that affect security, and security design issues. Denial-of-service
(DoS) issues are less important than problems that allow an attacker to
achieve elevated privelige, but are still on-topic."
> This sounds that 'schultz' would be wrong there.
Not at all Erich, quite the opposite in my view; as someone who's been
subscribed to freebsd-security@ for 12 or so years, I look forward to
seeing informed responses to some of schultz' issues. In any event,
{s,}he promptly took Julian's advice to post it there, where one aspect
has already attracted responses from des@ and pjd@
The best way to get a good sense of what issues are acceptible and/or
useful topics for which lists, without having to subscribe, is to browse
a list's archives for several months. Works for me. In this case try:
http://lists.freebsd.org/pipermail/freebsd-security/
cheers, Ian
More information about the freebsd-questions
mailing list