Subject: Re: Preventative security features?
To: None <tech-security@netbsd.org>
From: Dmitri Nikulin <setagllib@optusnet.com.au>
List: tech-security
Date: 11/13/2004 19:12:21
Martin Husemann wrote:
>On Sat, Nov 13, 2004 at 04:45:38PM +1100, Dmitri Nikulin wrote:
>
>
>>My real point is, NetBSD has portability and now even awesome
>>performance (and passive security of course), why not branch out into
>>proactive security too?
>>
>>
>
>Security has always mattered for NetBSD. Many holes have been pluged in
>NetBSD years before others closed them.
>
>Explicitly setting this prominently as a new top-level goal has been
>discussed and should IMHO happen, you are completely right there. But
>your wording makes it sound like NetBSD completely ignored this for now -
>it didn't.
>
>
Just to reinstate, "(and passive security of course)" appears in my
message. I mean that of course it's secure and this has always been
important, but mostly in the sense that holes don't exist. In terms of
the system itself providing means for admins to actively fight possible
problems and wise-guys, such features aren't quite as apparent in NetBSD.
The kind of functionality I'm suggesting is obfuscation (to add a more
direct approach to passive security) and, more interestingly, walling
off users from each other (without necessarily resorting to jails),
alongside giving root an easier time keeping track of users (like with
the tty snopping as FreeBSD has). These things don't really impact
performance, cleanliness and administration much, but can make a very
big difference against a local attacker. Software's own inherent
security doesn't always make a secure machine.