Since the security team have had the procedure of publishing security
advisories for vulnerabilities once a fix is available:
https://www.freebsd.org/doc/handbook/security-advisories.html
-Original Message-
From: owner-freebsd-secur...@freebsd.org
[mailto:owner-freebsd-secur...@freebsd.org
All right :-) I was just thinking aloud.. not necessarily "the" but
rather "something alike" CIS Benchmarks.. I was using them several
times and found people also keen to use them as security measure
before implementation :-)
It is nice to see SA anyway and know things get improved.. it would be
al
CeDeROM writes:
> You have this idea to remove local denial of service advisories.
No. With very few (imho unfortunate) exceptions, we have *never* issued
advisories for local DoS exploits. So we're not taking anything away
from you.
> My idea is to move them into benchmarks/recommendations su
You have this idea to remove local denial of service advisories.
I can understand that. :-)
My idea is to move them into benchmarks/recommendations such as CIS,
not to /dev/null, as they also provide useful information for users
and administrators. CIS-like organization of the local/configuration
CeDeROM writes:
> Dag-Erling Smørgrav writes:
> > CeDeROM writes:
> > > I think it would be nice to have something like CIS Benchmark for
> > > FreeBSD.
> > https://benchmarks.cisecurity.org/downloads/multiform/
> Perfect :-) This is the place for benchmarking "advisories for local
> denial-of-s
On Wed, Oct 26, 2016 at 2:21 PM, Dag-Erling Smørgrav wrote:
> CeDeROM writes:
>> I think it would be nice to have something like CIS Benchmark for
>> FreeBSD.
> https://benchmarks.cisecurity.org/downloads/multiform/
> Right between "Docker" and "FreeRadius"
Perfect :-) This is the place for benc
CeDeROM writes:
> I think it would be nice to have something like CIS Benchmark for
> FreeBSD.
https://benchmarks.cisecurity.org/downloads/multiform/
Right between "Docker" and "FreeRadius"
DES
--
Dag-Erling Smørgrav - d...@des.no
On Wed, Oct 26, 2016 at 1:28 PM, Dag-Erling Smørgrav wrote:
> That's like asking for a list of ways you can hurt yourself in your own
> home. I could list a hundred, and there would still be thousands more I
> didn't think of.
I think it would be nice to have something like CIS Benchmark for
Fre
CeDeROM writes:
> Dag-Erling Smørgrav writes:
> > [...] there are a million ways for a trusted unprivileged user to
> > cause a DoS, and most of them aren't even bugs. Some of them can be
> > mitigated using quotas or resource limits, but far from all.
> Maybe a dedicated place/list for those..?
On 26 Oct 2016, at 10:42, Dag-Erling Smørgrav wrote:
> CeDeROM writes:
>> Robert N. M. Watson writes:
>>> In general, my strong recommendation is against issuing advisories
>>> for local denial-of-service attacks, (..)
>> I would prefer to get that information regardless of individual
>> prefer
On Wed, Oct 26, 2016 at 11:42 AM, Dag-Erling Smørgrav wrote:
> CeDeROM writes:
>> Robert N. M. Watson writes:
>> > In general, my strong recommendation is against issuing advisories
>> > for local denial-of-service attacks, (..)
>> I would prefer to get that information regardless of individual
CeDeROM writes:
> Robert N. M. Watson writes:
> > In general, my strong recommendation is against issuing advisories
> > for local denial-of-service attacks, (..)
> I would prefer to get that information regardless of individual
> preferences.
It's not a matter of individual preference. During
On Wed, Oct 26, 2016 at 8:53 AM, Robert N. M. Watson
wrote:
> In general, my strong recommendation is against issuing advisories for local
> denial-of-service attacks, (..)
I would prefer to get that information regardless of individual preferences..
SA tells there is a problem that is at least
On Wed, Oct 26, 2016 at 11:18:35AM +0300, Konstantin Belousov wrote:
> On Wed, Oct 26, 2016 at 07:53:44AM +0100, Robert N. M. Watson wrote:
> > Hi Pawel:
> >
> > In general, my strong recommendation is against issuing advisories for
> > local denial-of-service attacks, in part because it suggests
On Wed, Oct 26, 2016 at 07:53:44AM +0100, Robert N. M. Watson wrote:
> Hi Pawel:
>
> In general, my strong recommendation is against issuing advisories for local
> denial-of-service attacks, in part because it suggests we consider it a
> security guarantee of the system that those problems can b