Subject: Re: Preventative security features?
To: Dmitri Nikulin <setagllib@optusnet.com.au>
From: Martin Husemann <martin@duskware.de>
List: tech-security
Date: 11/13/2004 08:59:51
On Sat, Nov 13, 2004 at 04:45:38PM +1100, Dmitri Nikulin wrote:
> My real point is, NetBSD has portability and now even awesome
> performance (and passive security of course), why not branch out into
> proactive security too?
Security has always mattered for NetBSD. Many holes have been pluged in
NetBSD years before others closed them.
Explicitly setting this prominently as a new top-level goal has been
discussed and should IMHO happen, you are completely right there. But
your wording makes it sound like NetBSD completely ignored this for now -
it didn't.
Some of the points you mentioned have not been clearly analyzed, others
have been and the "right way to do it" would be hard or cost a lot
performance. Some just have not been done yet.
If you thing a particular feature is worth to be considered, post a short
description of what it does, what security benefits you think it has and
how it could be implemented (or is implemented in another OS). Maybe
file a change-request PR.
Martin