atom feed21 messages in org.freebsd.freebsd-archRe: How much security should ldconfig...
FromSent OnAttachments
John PolstraJul 26, 2000 7:35 pm 
Chris CostelloJul 26, 2000 8:54 pm 
Nate WilliamsJul 26, 2000 10:54 pm 
Mark MurrayJul 26, 2000 11:15 pm 
Warner LoshJul 26, 2000 11:24 pm 
Adrian ChaddJul 27, 2000 12:03 am 
Poul-Henning KampJul 27, 2000 12:30 am 
Alfred PerlsteinJul 27, 2000 12:44 am 
Jacques A. VidrineJul 27, 2000 5:50 am 
Neil Blakey-MilnerJul 27, 2000 5:52 am 
Jacques A. VidrineJul 27, 2000 6:38 am 
Daniel O'ConnorJul 27, 2000 6:44 am 
Neil Blakey-MilnerJul 27, 2000 6:47 am 
Robert WatsonJul 27, 2000 8:14 am 
Alfred PerlsteinJul 27, 2000 9:39 am 
Jacques A. VidrineJul 27, 2000 11:03 am 
Ollivier RobertJul 27, 2000 12:32 pm 
John PolstraJul 27, 2000 9:28 pm 
John PolstraJul 27, 2000 9:38 pm 
Alexander LeidingerJul 28, 2000 5:09 am 
John PolstraJul 28, 2000 8:21 am 
Subject:Re: How much security should ldconfig enforce?
From:Daniel O'Connor (dar@dons.net.au)
Date:Jul 27, 2000 6:44:05 am
List:org.freebsd.freebsd-arch

On 27-Jul-00 Jacques A. Vidrine wrote:

On Thu, Jul 27, 2000 at 02:52:47PM +0200, Neil Blakey-Milner wrote:

You expect someone to check out sources and recompile the program to make it secure when you can instead use a command line option?

No, I expect by default that it be built in secure mode.

I expect that if someone wants to shoot herself in the foot, she can twiddle make.conf and rebuild from source to disable this option.

If the default behaviour is safe (ie by default it checks permissions) then I don't see that it is necessary to make it a build time option.

If you are playing with options you don't understand then you're asking for trouble :)

--- Daniel O'Connor software and network engineer for Genesis Software - http://www.gsoft.com.au "The nice thing about standards is that there are so many of them to choose from." -- Andrew Tanenbaum

To Unsubscribe: send mail to majo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message