In message <[EMAIL PROTECTED]> Peter Wemm writes:
: For example, in "workstation" mode, the reasonable default is "open",
: because typically there is one user on the box (other than root) and that
: person has root access. Excessive hiding info from that user just means
: that they'll have to use root more, or will give up the idea of using a mortal
: user entirely and run everything as root (a Really Bad idea, think of Windoze
: and viruses etc etc).
True.
: In a dedicated server role, again it might be appropriate to default
: it to "open" (dedicated server being something like a squid box),
: again there will be a couple of sysadmin type users or people who
: have to monitor things. Hiding information gains nothing there
: either.
I disagree with this, but that is because I've rarely seen a totally
dedicated server. A simple fileserver that does nothing else would
want to be open in this respect since few people have accounts.
: In other roles, including something like a shell server box with presumably
: hostile users (you reasonably have to assume this), you want everything you
: possibly can to be locked down.
Firewall, dialup boxes, dns servers, etc are good candidates to be
locked down.
: Oh for ACL's, privilege attributes, etc. It would solve this sort of thing
: nicely so that you could allow admin users to see what's going on
: (including a ps -ax and see what the users are running) without having to
: constantly (ab)use root and the dangers of overusing that.
sef suggested this be a procfs mount option. I think I like this more
than the sysctl option, but don't have a strong opinion either way (sysctl is
more like most of the rest of the system, while a mount option would
be harder to change on the fly). Having it be a mount option would
make it possible to have a GID that the files are "owned" by that
could be 'operator' so that operators can see the args, and possibly
other things.
Warner