Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
Subject: Re: Displacement of Blame[tm]/All Other BS
From: Paul Boehmer (pboehmerseidata.com)
Date: Fri Jul 14 2000 - 11:08:12 CDT
- Next message: Jeffrey J. Mountin: "Re: Displacement of Blame[tm]"
- Previous message: Marc Rassbach: "Re: Displacement of Blame[tm]"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Someone do me a favor and notify freebsd-isp when this thread is dead and
gone. I am tired of checking my mail in the morning only to find 70+
messages of nothing more that childish rants about how this list should
work. I for one, just want to notified that a FreeBSD security problem
exist anywhere, either it be the core system or ports. Does it not make
sense just to state in the subject if this is core or port related security
problem. If you dont want to read it, just delete the message. It does
not get any easier than that.
Just my .02 worth of salt, not gasoline on the fire.
</me unsubscribes to freebsd-securityfreebsd.org>
At 10:53 AM 7/14/00 -0500, you wrote:
>On Fri, 14 Jul 2000, Paul Robinson wrote:
>> Anybody who just does cd /usr/ports/<area>/<package> and then types 'make;
>> make install' deserves to be r00ted in 5 minutes anyway.
>This is a rather poor attitude. The less sites the script kiddies have
>to launch thier attacks from, the harder it will be for the kids to
>hide. It is in ALL of our interests to have hosts secure.
>comment well on how you think
>the ports of FreeBSD is done. Ports and the job done there is part of
>what makes FreeBSD as nice as it is.
>ANY system 'set up and forgotten' is subject to attack and eventually will
>fail. The white hats only have to screw up once. The black hats get to
>try over and over again.
>But to blame ports for making FreeBSD 'less secure', it sounds like you
>should then be looking at OpenBSD. A nice minimalist system, lacking the
>richness of FreeBSD.
>> What I would propose is this - why don't we have 2 lists - one for
>> freebsd-security where genuine issues with security in the core FreeBSD
>> distro are discussed, and another (freebsd-ports-security for example)
>> announcments on ports shipped with FreeBSD are announced.
>Nothing stopping you, Brett or someone else making a second list.
>This whole idea came up a few months ago, and the same suggestion
>was made for a different list to serve this need.
>If you feel the present list doesn't do the job, start your own version
>that you feel *DOES* do the job. And, if it *IS* is a better list
>(better==more popular) one of two things will happen:
>1) you will get the job of managing the security list.
>2) your ideas will be taken, and used to manage the security list.
>Taking the action of creating a new list controlled by the people who want
>change, doen on their serveres, done there way, would address the
>concerns the people who want change have.
>And, like the history of UNIX itself, if the new list has the better idea,
>it will float to the top.
>To Unsubscribe: send mail to majordomoFreeBSD.org
>with "unsubscribe freebsd-security" in the body of the message
SEI Data, Inc
To Unsubscribe: send mail to majordomoFreeBSD.org
with "unsubscribe freebsd-security" in the body of the message