DaemonForums  

Go Back   DaemonForums > OpenBSD > OpenBSD Security

OpenBSD Security Functionally paranoid!

 
 
Thread Tools Display Modes
Prev Previous Post   Next Post Next
  #1   (View Single Post)  
Old 6th April 2013
barti barti is offline
Shell Scout
 
Join Date: Jul 2012
Posts: 122
Thanked 0 Times in 0 Posts
Default privilege separation ?

Hi again,


I want to ask about privilege separation, it is from this link.

http://allthatiswrong.wordpress.com/...ty-of-openbsd/


--------



> Since the majority of attacks are not against the base system but against software operating at a higher level actively
> listening over the network, it is likely that if an OpenBSD machine were attacked, it would be through such software.
> This is where OpenBSD falls down, as it provides no means to protect from damage in the event of a successful attack.


What BS! You don’t seem to be aware that OpenBSD lead the charge years ago for “priv sep”, and to this day installs
every single ‘ports/packages’ daemon with a distinct, non-privileged userid – a good idea which not only proves that your
statement above is based on ignorance, but provides “secure by default” a strong measure of what the formal approaches claim to offer
but make complex to implement. And it’s also been copied into leading Linux distributions, e.g., Android does exactly the
same thing for every app you install.

--------

Many people indeed dismiss openbsd because of this idea, openbsd wont save you from sql attacks or bad php code.


I don't get it, is that true? does "privilege separation" really is a saver or not?

a real advantage even against sql attacks or php code problems ?

If not, then openbsd is useless as a web server .



Thanks .
Reply With Quote
 

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Security Security vulnerability in sudo allows privilege escalation J65nko News 0 5th March 2013 03:52 PM
Security Intel CPUs affected by VM privilege escalation exploit J65nko News 9 18th June 2012 11:51 PM
Performing network flow separation? beaute FreeBSD Security 0 27th May 2010 01:40 PM


All times are GMT. The time now is 05:19 PM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick