[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: OpenBSD Firewalls

To: misc@openbsd.org
Subject: Re: OpenBSD Firewalls
From: Lars Hansson <lars@unet.net.ph>
Date: Wed, 2 Oct 2002 14:24:22 +0800
Content-Disposition: inline
Mail-Followup-To: Lars Hansson <lars@unet.net.ph>, misc@openbsd.org
References: <FHEBKOCJFMEPEOJCFJFMGENIDJAA.km@themcminns.com> <9CEDDAC8-D5CD-11D6-8CFA-003065F9345A@msys.ch>
User-Agent: Mutt/1.3.28i

On Wed, Oct 02, 2002 at 08:10:13AM +0200, Marc Balmer wrote:
> Editing the plain configuration file should not be allowed for the 
> untrained user,

One could argue that the untrained user has no business performing
those tasks to begin with.

>so I consider a GUI or a shell as a security feature as it 
> prevents
> the user from entering non-working configuration data, IMHO.

No it does not. It might prevent them from entering /invalid/ data
but that's not the same as non-working data.

---
Lars Hansson

References:
- Re: OpenBSD Firewalls
  - From: "S9" <km@themcminns.com>
- Re: OpenBSD Firewalls
  - From: Marc Balmer <marc@msys.ch>

Prev by Date: Re: OpenBSD Firewalls
Next by Date: Updating nat when external ip address changes
Prev by thread: Re: OpenBSD Firewalls
Next by thread: Re: OpenBSD Firewalls
Index(es):
- Date
- Thread