It doesn't and I'll argue all day that it won't help you a bit. Here is an example: 1. running system with OMGACL 2. pkg_add -ui 3. couple of days later at 3am bzzzzz got come to the datacenter because the app bombed 4. oh, the acl terminated it; adjust 5. repeat 3 - 4 until it "works" 6. repeat 2 - 5 in perpetuity
- or - 1. Disable ACL. BTW, microsoft implemented every single ACL type mechanism the NSA ever made public. Tell me again how well it worked for them. Show me an admin that isn't lazy and I'll show you a liar. On Fri, Jan 22, 2010 at 12:35:03AM -0500, Dan Harnett wrote: > On Fri, Jan 22, 2010 at 02:47:27PM +1100, Aaron Mason wrote: > > On Fri, Jan 22, 2010 at 1:56 PM, Zamri Besar <zam4e...@gmail.com> wrote: > > > The insecurity of OpenBSD > > > http://allthatiswrong.wordpress.com/2010/01/20/the-insecurity-of-openbsd/ > > > > > > -zamri- > > > > > > > > > > An interesting read - but seems to just be ACLs, ACLs, ACLs and that's > > about it. And this person's source on the "failings" of strl{cat,cpy} > > cite a guy from Redhat calling it "ineffiient BSD crap" and that's > > about it. > > It's better if you remove all the non-sense, hypocrisy, and political > bull. OpenBSD does not have some sort of MAC. Okay, nothing new there. > Move along.
