Subject: Re: The reason for securelevel
To: Travis H. <email@example.com>
From: Elad Efrat <elad@NetBSD.org>
Date: 01/29/2006 11:32:04
Travis H. wrote:
> An open mind is a terrible thing to waste.
so is time.
> Personally, I do security for a living
are you a white-hat hacker? :)
> IMHO, leaving a complicated exploitation route is better than leaving
some of the work that is done in that area:
- expect gcc 4.1 soon (?) with built-in ssp;
- there's already a port of some of PaX's features to netbsd (see
other month archives..);
- this very thread is about redesigning securelevel in a finger
- there is a lot of work in progress in having netbsd use kernel
can you see where all these lead to?
some are for creating secure infrastructure to build on. some are
proven exploit mitigation techniques. the goal? focus on having the
implementation be able to do a large variety of things, and changing
the interface to fit the user -- where possible, of course.
...but it's a slow process, and as you're doing security for a living,
i don't need to tell you that we'd rather spend a lot of time in design
than in debugging. :)
of course throughout this thread i've been trying to balance "design"
with not too much of over-engineering.. but...
or was there a different point to your mail that i completely missed? :)