On Thu, 12 Aug 2004, Xin LI wrote: > I think I would want to compromise at this point ;) In addition of this, > personally I suggest the following changes to be made: > > - Provide an option in sysinstall so users will be instructed > to choose whether to ``lockdown'' their systems as soon as > the configuration is completed. Also, include this utility > in the installation disc. > - Add a new security audit script which will tell admins that > the permission of "watched" configurations was altered. > This might be turned off by default, or even a depency port > of lockdown, to provide a mechanism to detect potential > break-ins earlier, and to notice users when something like > mergemaster or manual etc/ upgrades has reverted the > permissions. > > What do you think about this? Actually the FreeBSD Simplified Chinese > project is recently coordinating an effort of making an Internationalized > FreeBSD Installer, I think we will try to implement these > things if they looks better. Those sound like good goals, I wish you great luck with them. :) Doug -- This .signature sanitized for your protection _______________________________________________ freebsd-security@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"