"Travis H." <[EMAIL PROTECTED]> writes: > ``You do not want to overbuild your security or you will interfere > with the detection side, and detection is one of the single most > important aspects of any security mechanism. For example, it makes > little sense to set the schg flag (see chflags(1)) on every system > binary because while this may temporarily protect the binaries, it > prevents an attacker who has broken in from making an easily > detectable change that may result in your security mechanisms not > detecting the attacker at all.''
Uh? Since when do we have crap like that in the handbook? It should be removed with extreme prejudice. DES -- Dag-Erling Smørgrav - [EMAIL PROTECTED] _______________________________________________ freebsd-security@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "[EMAIL PROTECTED]"
