Wow, this is getting deep. Mikhail, give it a break. You _cannot_ prevent a determined attacker from cauing a system a lot of heartache. For every subsystem that you harden, you introduce new weaknesses and more performance hits which can themselves be used as vulnerabilities. I'd bet my reputation on being able to DoS any box you can present to me, given sufficient technical knowledge of the box and what measures you have implemented.
Now, PHK, Matt Dillon, Jordan, and all these other fine hackers are hammering out code for this fine OS, and each has their own area of interest and specialty. (I don't mean to leave anyone out BTW). Each is doing their own bit to make the OS better. Sometimes you will be able to get one of them interested in a particularly good idea, sometimes you won't. There have often been things I've wanted to see in FreeBSD, and sometimes you just have to go hammer out the code yourself and submit it. I've done my own bits... anyone who looks at getty or some of the SLIP code will find my fingerprints on them. Sometimes I've talked people into doing useful things... John Dyson, thanks for madvise(), just for example. Is FreeBSD ideal for a public shell system? No. Yet it is a hell of a lot better than Solaris, which many ISP's use. It's a hell of a lot better than SunOS, which _I'VE_ used for a decade to provide public shell access. If you want to run a public shell system, you have to do so with your eyes wide open. You have to be an experienced admin, willing to take some time to make it work right, or you have to be a clueless newbie admin who is willing to live on the box 24/7. Once you establish this, then any help the OS provides merely falls into the "wonderful fantastic safety net" category. Now, if you'd LIKE the OS to provide a wonderful fantastic safety net, then by all means, STFU and go write one. I'm continually amazed at the fantastic improvements being introduced into FreeBSD on a regular basis... ... Joe ------------------------------------------------------------------------------- Joe Greco - Systems Administrator jgr...@ns.sol.net Solaria Public Access UNIX - Milwaukee, WI 414/342-4847 To Unsubscribe: send mail to majord...@freebsd.org with "unsubscribe freebsd-current" in the body of the message
