[EMAIL PROTECTED] wrote:
On Tue, May 24, 2005 at 09:18:58AM -0700, Bruno Delbono wrote:
[EMAIL PROTECTED] wrote:
Ports aren't generally checked for much other than "Does it build?" and
"Does it work?".
So, secure by default means that you should only run OpenBSD as it comes
and do not touch anything on it. Or else, it won't be secure by default;
your warranty is voided and Theo will spank you.
"in the base install" is a very important phrase. Ports don't get
audited much, if at all. This isn't any sort of slap to the porters;
it's just there's a *lot* of code in the port and examining that code
for correctness isn't their intent. Ports are a convenience, not a
promise. Postfix and cyrus aren't base install, and therefore aren't
covered. Ain't life terrible?
Thanks for the info. My concern is that OpenBSD is "secure by default"
when you do a base install but when you start adding things like Postfix
etc... are you still secure?
I know you can configure the system so that most files are read only. I
also know that you can run Postfix in a sandbox (jail). It all depends
on how much work I want to put into securing the system. If the answer
to the above question is "no!", then I'll have to lock down Postfix
etc... If the answer to the above question is "Yes!" then I can leave
things the way they are and just install Postfix.
There are trade-offs between security and management overhead. Putting
Postfix in a sandbox is a nice idea but my understanding is that you
have to take Postfix off-line to add any users and then put it back in
the sandbox and then bring it back on-line. Leaving Postfix outside of a
sandbox means you just add users when you need to. I did this once on a
FreeBSD email server a few years back. I decided that a sandbox was too
much work.
I'm still a long ways away from designing a system. I haven't even
decided which OS I want to use. If enough people on the list can
convince me that OpenBSD is the way to go I'll install it on a system,
ship it down to Seattle and collect my mail. This will be on a test
domain of course.