Re: Things to remove from /rescue
From: John-Mark Gurney (gurney_j_at_efn.org)
Date: 07/17/03
- Previous message: David O'Brien: "Things to remove from /rescue"
- In reply to: David O'Brien: "Things to remove from /rescue"
- Next in thread: Ceri Davies: "Re: Things to remove from /rescue"
- Reply: Ceri Davies: "Re: Things to remove from /rescue"
- Reply: Luigi Rizzo: "Re: Things to remove from /rescue"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 17 Jul 2003 01:43:33 -0700 To: freebsd-arch@freebsd.org
David O'Brien wrote this message on Thu, Jul 17, 2003 at 01:08 -0700:
> - ipfw & natd & ipf & ipfs & ipfstat & ipmon & ipnan, why would one needs
> these? /rescue is to fix a borked /, not replace PicoBSD.
ipfw I can see as useful. If you have a kernel that defaults to closed,
and you need to access the network, then this is a problem. If we had
a loader tunable to make a closed firewall open, then this wouldn't be
needed, but then we introduce the fun security hole of /boot/loader.conf
munging, which is minor... if someone can modify /boot/loader.conf, you
have bigger fish to fry..
--
John-Mark Gurney Voice: +1 415 225 5579
"All that I will do, has been done, All that I have, has not."
_______________________________________________
freebsd-arch@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-arch
To unsubscribe, send any mail to "freebsd-arch-unsubscribe@freebsd.org"
- Previous message: David O'Brien: "Things to remove from /rescue"
- In reply to: David O'Brien: "Things to remove from /rescue"
- Next in thread: Ceri Davies: "Re: Things to remove from /rescue"
- Reply: Ceri Davies: "Re: Things to remove from /rescue"
- Reply: Luigi Rizzo: "Re: Things to remove from /rescue"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
