Subject: Re: Removing dm(1)
To: NetBSD-current Users <current-users@NetBSD.ORG>
From: Tim Rightnour <root@garbled.futureone.com>
List: tech-security
Date: 11/21/1997 08:58:49
On 21-Nov-97 Cy Schubert - ITSD Open Systems Group spoke unto us all:
# This is why one should not install games on a production server, or at least
# file off any setuid and possibly even setgid bits. In the big picture, games
# are not really worth the time and effort.
Anyone installing a real production machine will (should) be very picky about
what programs he puts on it, to avoid any unsafe conditions.
#
# An alternative is to only include the games in the source distribution, not
# in
# any binary distribution. Make sure that the sysadmin understands the risks
# of
Thats a bit rude to the folx on the vax port dont you think? Besides that..
Alot of people install netbsd on machines that are a bit strapped for space..
For a LONG time I never had the space to do a full build.. I still don't
really, without compressing half my filesystem down.
Besides.. just don't ftp games13.??
# installing games and have her acknowledge this during install via a prompt
# from the Makefile or by having her set an environment variable that
# acknowledges this. Then if a sysadmin installs any games and those games are
# used to compromise any user's account, then its the sysadmin's own damn fault
# for installing games on a mission critical server.
#
Thats not an unreasonable thing for a production server. But for someone who
just has their machine up in a non critical environment and just likes to play
with it.. I don't think he should be subjected to cracking just because he
likes to play larn. I think its a greusome hack to fix the problem by removing
the offending subsystem completely.
---
Tim Rightnour - root@garbled.futureone.com
http://www.zynetwc.com/~garbled/garbled.html