Thread: OpenBSD The insecurity of OpenBSD
View Single Post
  #5   (View Single Post)  
Old 22nd January 2010
allthatiswrong allthatiswrong is offline
New User
Join Date: Jan 2010
Posts: 4

Originally Posted by jggimi View Post
My summation of the article:

"Oh, all that is wrong can be boiled down to an improper attitude about security and a missing complex ACL structure overlayed on the filesystem. Any ACL system, really. This lack of a fun ACL is so critical, I will repeat variations of this about sixty times, just in case you didn't get it."

"Vulnerabilities everywhere else don't matter, as all systems have vulnerabilities. As long as I can get a filesystem with an ACL."

I assume we'll see a whole host of nasty, vicious rebuttals on misc@. I'm glad I use a threaded mail reader so I can avoid it all.
Hello, I am the author of the article.

I think you may have missed the point of my article, and also grossly oversimplified, and thus dismissed my argument.

Which is not limited to ACL's, but also MAC, and other methods of actually locking down the system in the event of an intrusion.

I'm happy to discuss that argument, but so far all I have seen are dismissals, not rebuttals.

Originally Posted by marc View Post
Well, I think you don't need any ACL and tons of untested addons when you have an audited code and well designed, secure OS ...
So when you need to run software that has not been audited, and someone breaks in and their is no sufficient way to limit what they can do, this is fine?
Reply With Quote