I already have a copy of NT... -- JB -----Original Message----- From: Neil Doane [mailto:caine@xxxxxxxxxxxxxxxx] Sent: Friday, July 14, 2000 3:58 PM To: technocracy@xxxxxxxxxxxxxxxxx Subject: Kernel needs [was: SCO] * Steve Baker (ice@xxxxxxxxxxxxxxxxx) on [07-14-00 13:33] did utter: > really, once you get down to it, a good VM, memory protection, filesystems, > networking and the like are all that really belong in the kernel I'm curious as to what people here think about integrated kernel-level security features like SecureBSD's MDA hash check-before-execute features or the myriad kernel-level features of things like the Linux Intrusion Detection System (www.lids.org) (send security alerts through network (mail/remote syslog/http POST) directly from kernel, or limiting access to raw devices or io ports to only pre-specified processes.) I mean, SecureBSD has a database of the checksums of every binary on its system floating around in memory (I guess) and LIDS is implementing its own MTA _inside the kernel_ (among other things). Is this going overboard or not? Opinions? Neil ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ . /._ o / --personal="caine@xxxxxxxxxxxxxxxx" /|//- / / --business="caine@xxxxxxxxxxx" / ''- / /__ --homepage="http://antediluvian.org/"; ' ~~ http://angryflower.com/bobsqu.gif ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~