Date: Thu, 3 Jun 1999 22:34:04 -0500 (CDT) From: James Wyatt <jwyatt@RWSystems.net> To: Matthew Hunt <mph@astro.caltech.edu> Cc: Unknow User <kernel@tdnet.com.br>, Bill Fumerola <billf@jade.chc-chimes.com>, freebsd-security@freebsd.org Subject: Re: SSH2 (in FreeBSD-Questions) Message-ID: <Pine.BSF.4.05.9906032228570.24168-100000@kasie.rwsystems.net> In-Reply-To: <19990603104521.I58665@wopr.caltech.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, 3 Jun 1999, Matthew Hunt wrote: > On Thu, Jun 03, 1999 at 02:40:01PM +0000, Unknow User wrote: > > The problem is that we never now what SUID, port will install! > > It happens that other has the same "false sense of security" i have: > > You smoke crack. Just another crack expert on this list... 8() > How do you know what SUID binaries any software will install? You > read the source! You can do exactly the same for the Ports Collection. > It's all plain English (or at least plain Makefile) for your perusal. I usually read the Makefile, rather than the source. I also keep a 'tee' of the output from the various make phases. When you install something that is SUID, you will usually hear about it in your nightly mail, another really nice feature of FreeBSD. I can't count how many times I've seen the mail from customer firewalls and been able to remotely diagnose duplicate client IP addresses from the ARP jumps... > I think you need to learn how the Ports Collection works before you > condemn it. You clearly do not understand it all. The ports collection just flat rocks! It's the only thing better than packages. I frequently use the ports to take the first whack at something before I port it to AIX or Linux. My FreeBSD laptop is a good porting tool - Jy@ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.05.9906032228570.24168-100000>