From owner-freebsd-security Mon May 15 8:48:11 2000 Delivered-To: freebsd-security@freebsd.org Received: from lariat.org (lariat.org [12.23.109.2]) by hub.freebsd.org (Postfix) with ESMTP id EC4D737B5A0 for ; Mon, 15 May 2000 08:48:01 -0700 (PDT) (envelope-from brett@lariat.org) Received: from mustang.lariat.org (IDENT:ppp0.lariat.org@lariat.org [12.23.109.2]) by lariat.org (8.9.3/8.9.3) with ESMTP id JAA02421; Mon, 15 May 2000 09:47:29 -0600 (MDT) Message-Id: <4.3.1.2.20000515094342.045eb7e0@localhost> X-Sender: brett@localhost X-Mailer: QUALCOMM Windows Eudora Version 4.3.1 Date: Mon, 15 May 2000 09:47:21 -0600 To: mike@minivend.com From: Brett Glass Subject: Re: (forw) Back door in Minivend Cc: security@freebsd.org In-Reply-To: <20000515100638.A28429@bill.minivend.com> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org I've checked the lists, and no, your program does not appear to be the one which was reported to have a back door. I stand corrected. The only thing that appears to be harmful about the program is that it is GPLed. You really SHOULD consider using a truly free license! According to Bruce Perens, the next version of the GPL will impose nasty conditions upon service providers and merchants who use GPLed code, such as requiring them to reveal all of their in-house additions to it even if they do not redistribute it. --Brett At 08:06 AM 5/15/2000, Mike Heins wrote: >Would appreciate it if you would correct your misstatement >on the freebsd mail lists (I am not a subscriber). Thanks. > >Mike >----- Forwarded message from Mike Heins ----- > >Date: Mon, 15 May 2000 00:03:59 -0400 >From: Mike Heins >To: lunatic@insane.net >Subject: Back door in Minivend >Reply-To: mike@minivend.com >X-Mailer: Mutt 1.0pre3us > >I can assure you that there are no author-inserted back doors >in Minivend, as I am the author. 8-) > >The source is completely open, is GPL, and has been examined by quite >a few people. If you hear of any security problems, let me know. > >I am positive that there has not been a vulnerability posted >to Bugtraq; certainly one of the thousands of Minivend users >would have brought that to my attention. > >If you could post this to the freebsd mail list I would >appreciate it, as I don't have access to it. > >Regards, >Mike Heins >-- >Internet Robotics, 131 Willow Lane, Floor 2, Oxford, OH 45056 >phone +1.513.523.7621 fax 7501 > >Friends don't let friends use Outlook. -- Bob Blaylock > >----- End forwarded message ----- > >-- >Internet Robotics, 131 Willow Lane, Floor 2, Oxford, OH 45056 >phone +1.513.523.7621 fax 7501 > >Unix version of an Outlook-style virus: >It works on the honor system. Please forward this message to everyone >you know, and delete a bunch of your files at random. If nothing else, the brain is an educational toy. -- Tom Robbins To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message