Dag-Erling Smørgrav wrote:
"Travis H." <[EMAIL PROTECTED]> writes:
``You do not want to overbuild your security or you will interfere
with the detection side, and detection is one of the single most
important aspects of any security mechanism. For example, it makes
little sense to set the schg flag (see chflags(1)) on every system
binary because while this may temporarily protect the binaries, it
prevents an attacker who has broken in from making an easily
detectable change that may result in your security mechanisms not
detecting the attacker at all.''
Uh? Since when do we have crap like that in the handbook? It should
be removed with extreme prejudice.
DES
$FreeBSD: doc/en_US.ISO8859-1/books/handbook/security/chapter.sgml,v
1.28 2000/03/25 00:19:02 jim Exp $
Claude Buisson
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
