Re: [RFC] Network Security Policy (was Re: atd...)

To: Simon Huggins <huggie@earth.li>
Cc: debian-security@lists.debian.org
Subject: Re: [RFC] Network Security Policy (was Re: atd...)
From: Henrique M Holschuh <hmh+debianml@rcm.org.br>
Date: Tue, 26 Sep 2000 09:37:58 -0300
Message-id: <[🔎] 20000926093758.B2691@godzillah>
In-reply-to: <[🔎] 20000926111457.A31868@the.earth.li>; from huggie@earth.li on Tue, Sep 26, 2000 at 11:14:57AM +0100
References: <[🔎] Pine.LNX.4.21.0009252112290.4172-100000@cornerstone.core.aoi> <[🔎] 01b201c02793$b8d73040$b901a8c0@riskbox.com> <[🔎] 20000926111457.A31868@the.earth.li>

On Tue, 26 Sep 2000, Simon Huggins wrote:
> On Tue, Sep 26, 2000 at 09:28:17AM +0100, Patrick Lambe wrote:
> What would be nice would be The One True Way to know if a service was
> meant to be disabled or not.  i.e. when I apt-get install
> new_network_daemon I want it to look at /etc/security/network-policy (or
> some such) find out that I don't want anything listening until *I* do
> something and not start up.

Part (most?) of this issue is related to daemon auto-start. Please refer to
bug #20373, and to recent debian-devel discussion in the area.

It used to be that some people would complain "show the code" or "there's no
way for the maintainer scripts to read your mind" every time the issue came
up in -devel, because it does involve a lot of work.

This is not an excuse anymore :-) as I'm writing the required code (and I
have already done quite a bit of it and posted it to debian-devel), and the
proposal DOES include local policy control to put initscripts in a tight
leash... I promisse all of you we won't even need the telepaths, which I
have to agree are quite a scarce resource, and needed by the FSF
elsewhere... :^P

However, the entire proposal is still being written and it will bitrot
forever in the -devel/-policy archives if people with the proper status
(hint: Debian developers) don't help a bit when it comes the time to push it
to policy status.

Right now, I'd appreciate *very* much some peer review. Please drop me a
note telling what's braindamaged in my current proposal so that it gets
fixed. The whole initscript policy needs to get done right at the first try,
as it could cause a LOT of headaches later on if the design is flawed.

I really need feedback on the policy area. e.g.: The current design allows
initscript restart/reload through without policy control. Would that be
enough for your needs, or do you need a way to map reload/restart requests
to stop requests (or any other policy measures)?

References:
  BTS #20373: 
  	http://bugs.debian.org/20373
  init script policy code:
  	http://lists.debian.org/debian-devel-0009/msg00869.html
	http://lists.debian.org/debian-devel-0009/msg01207.html

-- 
  "One disk to rule them all, One disk to find them. One disk to bring
  them all and in the darkness grind them. In the Land of Redmond
  where the shadows lie." -- The Silicon Valley Tarot
  Henrique Holschuh

Attachment: pgpEgb5y5qT6t.pgp
Description: PGP signature

Reply to:

References:
- Re: atd - can I remove it if I don't use at?
  - From: Alexander Hvostov <vulture@aoi.dyndns.org>
- Re: atd - can I remove it if I don't use at?
  - From: "Patrick Lambe" <plambe@riskbox.com>
- [RFC] Network Security Policy (was Re: atd...)
  - From: Simon Huggins <huggie@earth.li>

Prev by Date: Portmap removal, was Re: [RFC] Network Security Policy
Next by Date: Re: Portmap removal, was Re: [RFC] Network Security Policy
Previous by thread: Re: Portmap removal, was Re: [RFC] Network Security Policy
Next by thread: Re: atd - can I remove it if I don't use at?
Index(es):
- Date
- Thread