On Thu, 07 Sep 2006 13:21:37 +0200 [EMAIL PROTECTED] (Dag-Erling Smørgrav) wrote:
> "Travis H." <[EMAIL PROTECTED]> writes: > > ``You do not want to overbuild your security or you will interfere > > with the detection side, and detection is one of the single most > > important aspects of any security mechanism. For example, it makes > > little sense to set the schg flag (see chflags(1)) on every system > > binary because while this may temporarily protect the binaries, it > > prevents an attacker who has broken in from making an easily > > detectable change that may result in your security mechanisms not > > detecting the attacker at all.'' > > Uh? Since when do we have crap like that in the handbook? It should > be removed with extreme prejudice. > Grepping three of these lines, I cannot find it. Tell me Travis, what URL did you read this from? -- Tom Rhodes _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "[EMAIL PROTECTED]"
