From owner-freebsd-security Thu May 11 9:21:41 2000 Delivered-To: freebsd-security@freebsd.org Received: from gatekeeper.veriohosting.com (gatekeeper.veriohosting.com [192.41.0.2]) by hub.freebsd.org (Postfix) with ESMTP id 70EA537BAA9 for ; Thu, 11 May 2000 09:21:38 -0700 (PDT) (envelope-from hart@iserver.com) Received: by gatekeeper.veriohosting.com; Thu, 11 May 2000 10:21:37 -0600 (MDT) Received: from unknown(192.168.1.109) by gatekeeper.veriohosting.com via smap (V3.1.1) id xma018905; Thu, 11 May 00 10:21:23 -0600 Received: (hart@localhost) by anchovy.orem.iserver.com (8.9.3) id KAA08476; Thu, 11 May 2000 10:21:22 -0600 (MDT) Date: Thu, 11 May 2000 10:21:22 -0600 (MDT) From: Paul Hart X-Sender: hart@anchovy.orem.iserver.com To: Garrett Wollman Cc: freebsd-security@FreeBSD.ORG Subject: Re: envy.vuurwerk.nl daily run output In-Reply-To: <200005111611.MAA17380@khavrinen.lcs.mit.edu> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Thu, 11 May 2000, Garrett Wollman wrote: > Stupidity and inexperience. That's a scary thought. "Our security depends on all attackers being stupid." Shouldn't we work toward meaningful tools that cannot be subverted even by the most skilled of attackers? Not all attackers are script kiddies and it would be foolish of us to think they are. > Also, not all break-ins result in root compromise. Agreed. But this specific example did involve root compromise. Paul Hart -- Paul Robert Hart ><8> ><8> ><8> Verio Web Hosting, Inc. hart@iserver.com ><8> ><8> ><8> http://www.iserver.com/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message