Subject: Re: Preventative security features?
To: None <tech-security@netbsd.org>
From: Dmitri Nikulin <setagllib@optusnet.com.au>
List: tech-security
Date: 11/13/2004 19:12:21

Martin Husemann wrote:

>On Sat, Nov 13, 2004 at 04:45:38PM +1100, Dmitri Nikulin wrote:
>
>>My real point is, NetBSD has portability and now even awesome 
>>performance (and passive security of course), why not branch out into 
>>proactive security too?
>
>Security has always mattered for NetBSD. Many holes have been plugged in
>NetBSD years before others closed them.
>
>Explicitly setting this prominently as a new top-level goal has been
>discussed and should IMHO happen, you are completely right there. But
>your wording makes it sound like NetBSD completely ignored this for now -
>it didn't.
>
Just to reinstate, "(and passive security of course)" appears in my 
message. I mean that of course it's secure and this has always been 
important, but mostly in the sense that holes don't exist. In terms of 
the system itself providing means for admins to actively fight possible 
problems and wise-guys, such features aren't quite as apparent in NetBSD.

The kind of functionality I'm suggesting is obfuscation (to add a more 
direct approach to passive security) and, more interestingly, walling 
off users from each other (without necessarily resorting to jails), 
alongside giving root an easier time keeping track of users (like with 
the tty snooping as FreeBSD has). These things don't really impact 
performance, cleanliness and administration much, but can make a very 
big difference against a local attacker. Software's own inherent 
security doesn't always make a secure machine.