Re: comments on handbook chapter
Dag-Erling Sm=F8rgrav wrote:
> "Travis H." <solinym@gmail.com> writes:
>> ``You do not want to overbuild your security or you will interfere
>> with the detection side, and detection is one of the single most
>> important aspects of any security mechanism. For example, it makes
>> little sense to set the schg flag (see chflags(1)) on every system
>> binary because while this may temporarily protect the binaries, it
>> prevents an attacker who has broken in from making an easily
>> detectable change that may result in your security mechanisms not
>> detecting the attacker at all.''
>=20
> Uh? Since when do we have crap like that in the handbook? It should
> be removed with extreme prejudice.
>=20
> DES
$FreeBSD: doc/en_US.ISO8859-1/books/handbook/security/chapter.sgml,v=20
1.28 2000/03/25 00:19:02 jim Exp $
Claude Buisson
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
討論串 (同標題文章)
完整討論串 (本文為第 6 之 14 篇):