Kurt MosiejczukSo, when I replace the user Linux box with OpenBSD, I won't be installing the sudo package.
The question is: Do I just let them get a "command not found"? Or do I write a little script that just tells them to knock it off?
Marcin Cieślak@kurtm I am about to replace an aged and not upgradable Gentoo box for casual shell users with some FreeBSD instance as well soon
@saper They still don't do ASLR.
Capsicum seems better than SELinux, but still seems over complicated.
Have you looked at pledge(2)? I really think it is the paradigm to watch going forward.
Capsicum seems better than SELinux, but still seems over complicated.
Have you looked at pledge(2)? I really think it is the paradigm to watch going forward.
@kurtm Didn't know that one. Reminds me of java SecurityManager only less granular. Maybe it's an advantage.... I prefer limited APIs. Who needs more than this http://minnie.tuhs.org/cgi-bin/utree.pl?file=V7/usr/sys/sys/sysent.c
@saper The problem with the super granular stuff that is external to the program is you have to predict *everything* the software might do legitimately. Otherwise, users find their legitimate use of the software is disallowed, so they turn off the security.
@saper The big advantage to pledge over other frameworks is the software uses it.
Things like SELinux, you have to allow the privileged set tasks for the entire run of the program. With pledge, you can do your setup tasks and then drop the capability to do those things.
Things like SELinux, you have to allow the privileged set tasks for the entire run of the program. With pledge, you can do your setup tasks and then drop the capability to do those things.