Dag-Erling Smørgrav
2016-Oct-26 11:28 UTC
FreeBSD Security Advisory FreeBSD-SA-16:15.sysarch [REVISED]
CeDeROM <cederom at tlen.pl> writes:> Dag-Erling Sm?rgrav <des at des.no> writes: > > [...] there are a million ways for a trusted unprivileged user to > > cause a DoS, and most of them aren't even bugs. Some of them can be > > mitigated using quotas or resource limits, but far from all. > Maybe a dedicated place/list for those..?That's like asking for a list of ways you can hurt yourself in your own home. I could list a hundred, and there would still be thousands more I didn't think of. DES -- Dag-Erling Sm?rgrav - des at des.no
CeDeROM
2016-Oct-26 12:12 UTC
FreeBSD Security Advisory FreeBSD-SA-16:15.sysarch [REVISED]
On Wed, Oct 26, 2016 at 1:28 PM, Dag-Erling Sm?rgrav <des at des.no> wrote:> That's like asking for a list of ways you can hurt yourself in your own > home. I could list a hundred, and there would still be thousands more I > didn't think of.I think it would be nice to have something like CIS Benchmark for FreeBSD.. It could assess local settings and security. There are for Linux, Windows, ... if we find anything disturbing we could simply create and add a benchmark and recommendation for others to implement and verify.. that could be nice complementary to SA / kernel patch at admin level. It works for others. It could work here :-) -- CeDeROM, SQ7MHZ, http://www.tomek.cedro.info