[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Security: FreeBSD vs OpenBSD

To: listener@witworx.com
Subject: Re: Security: FreeBSD vs OpenBSD
From: Darren Reed <avalon@coombs.anu.edu.au>
Date: Sun, 3 Feb 2002 14:58:21 +1100 (Australia/ACT)
Cc: misc@openbsd.org (Miscellaneous OBSD)

In some mail from Rod... Whitworth, sie said:
> 
> Nobody ever seems to mention securelevel 2 in which state root is NOT
> all powerful.
> Together with suitably chosen chflags options I would have thought we
> had something better than just an all powerful root.

Problem is, using securelevel & chflags you are denying operations
completely to all users, wherever and whoever they may be.  Neither
is three any concept of delegation.

"root on /dev/console" arguably should have more privs than "root on
/dev/ttyp4" and that's what things like TrustedBSD are looking at.

Darren

Follow-Ups:
- Re: Security: FreeBSD vs OpenBSD
  - From: "Rod... Whitworth" <listener@witworx.com>

References:
- Re: Security: FreeBSD vs OpenBSD
  - From: "Rod... Whitworth" <listener@witworx.com>

Prev by Date: Re: Security: FreeBSD vs OpenBSD
Next by Date: Re: survey
Prev by thread: Re: Security: FreeBSD vs OpenBSD
Next by thread: Re: Security: FreeBSD vs OpenBSD
Index(es):
- Date
- Thread