comments on handbook chapter
mal content
artifact.one at googlemail.com
Thu Sep 7 05:33:24 PDT 2006
On 07/09/06, Tom Rhodes <trhodes at freebsd.org> wrote:
> On Thu, 07 Sep 2006 13:21:37 +0200
> des at des.no (Dag-Erling Smørgrav) wrote:
>
> > "Travis H." <solinym at gmail.com> writes:
> > > ``You do not want to overbuild your security or you will interfere
> > > with the detection side, and detection is one of the single most
> > > important aspects of any security mechanism. For example, it makes
> > > little sense to set the schg flag (see chflags(1)) on every system
> > > binary because while this may temporarily protect the binaries, it
> > > prevents an attacker who has broken in from making an easily
> > > detectable change that may result in your security mechanisms not
> > > detecting the attacker at all.''
> >
> > Uh? Since when do we have crap like that in the handbook? It should
> > be removed with extreme prejudice.
> >
>
> Grepping three of these lines, I cannot find it. Tell me Travis,
> what URL did you read this from?
http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/security-intro.html
>
> --
> Tom Rhodes
More information about the freebsd-security
mailing list