From owner-freebsd-security@freebsd.org  Wed Oct 26 13:33:54 2016
Return-Path: <owner-freebsd-security@freebsd.org>
Delivered-To: freebsd-security@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 41BBFC22B1E
 for <freebsd-security@mailman.ysv.freebsd.org>;
 Wed, 26 Oct 2016 13:33:54 +0000 (UTC)
 (envelope-from tomek.cedro@gmail.com)
Received: from mail-wm0-x229.google.com (mail-wm0-x229.google.com
 [IPv6:2a00:1450:400c:c09::229])
 (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
 (Client CN "smtp.gmail.com",
 Issuer "Google Internet Authority G2" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id DAF4A1F08;
 Wed, 26 Oct 2016 13:33:53 +0000 (UTC)
 (envelope-from tomek.cedro@gmail.com)
Received: by mail-wm0-x229.google.com with SMTP id d128so85643966wmf.1;
 Wed, 26 Oct 2016 06:33:53 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113;
 h=mime-version:sender:in-reply-to:references:from:date:message-id
 :subject:to:cc;
 bh=CdPPeHU/wlXNqgsRYpym3xWViPlSj2R03CUnDGqP49A=;
 b=mHmzOv7AXheCunDIrdPZ/SHIrDMOPqsvgZ+MEDncEXAwE62iT1iUVBh8e1OnYALX5O
 IhLL7yKWu36QO7dF833JoyPtI75xQ9YBwWvq4RDwnljV/nD0pb9zx6bKRykIO0my0TKw
 ALAS4dX1IEakYHw0yu/YBvSx515vcOrFze24PoRG3iXOU37tVwF+EdDqbgYPdLsAXSaL
 5t9ttj3mBHgmTLm0x0OR97YRA+1GEQv0n7nEnSI2ioidZ5GA96X2VhV6W/+p+VfOKfdM
 UK7IUw9TprzGM0DCrmpeSk+c9Ix0W0mZyxYhceCVTiR5viS4itRTH+y0Nc0FHO1xjhml
 dw3g==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20130820;
 h=x-gm-message-state:mime-version:sender:in-reply-to:references:from
 :date:message-id:subject:to:cc;
 bh=CdPPeHU/wlXNqgsRYpym3xWViPlSj2R03CUnDGqP49A=;
 b=ELqmd1iCQGW0+SMLRL11eKzQ7XiFR7y1c1N26d+OB9Zfb9f/4ZdjzxiCfm8EKpKIVy
 xF0IcsxDbo71jODxmgdrozZpL2ww7GsJ5AHunqnwIzv9D4Yc8A/WOyk3vwa0N6qmeVie
 6UbpWRyX/tc1RIWPRBoO4OyL4XrT1Mko7WGXmPznfMYEUclHp07LzttdbhlUIiPvYvis
 OSoAvw0u7m20IOMZUmHtjOvAnpYl2PJmiiNcNAiwPKqPJywiGjsgwjAk7B8Eo2etaEaD
 HYzMQVyGRDBSQ7xQszVxqgGD92NjI5qsRe5GZJSMRB8kup8Vt2usdMuUOCTWXRgk33yh
 TlWQ==
X-Gm-Message-State: ABUngveD3/rVu/2p9DY263pthVobgQhhDqzayFzaDiq+ZxzoiXiR2uYTULcln6uz3FcZTdRDxUJVMQoZR1wQug==
X-Received: by 10.194.85.229 with SMTP id k5mr2324992wjz.22.1477488832278;
 Wed, 26 Oct 2016 06:33:52 -0700 (PDT)
MIME-Version: 1.0
Sender: tomek.cedro@gmail.com
Received: by 10.28.178.132 with HTTP; Wed, 26 Oct 2016 06:33:31 -0700 (PDT)
In-Reply-To: <86shrjuud4.fsf@desk.des.no>
References: <20161025173641.BCDFD1911@freefall.freebsd.org>
 <20161026042748.GG60006@garage.freebsd.pl>
 <CAGMYy3v8KxuQfou0SmUNikghH-9NWfneoMPP_15F85WkDaUhKg@mail.gmail.com>
 <20161026061504.GH60006@garage.freebsd.pl>
 <0717BEFA-4E65-4990-AC50-FD80681C110C@FreeBSD.org>
 <CAFYkXjn39kKzcTY-pJObaVz8OGqbzCHE69kYAmRYtz5OX2kpAQ@mail.gmail.com>
 <868ttbwio9.fsf@desk.des.no>
 <CAFYkXjmYCLyQi-PHNtcP2-AALH=2QRwAWBoQDtypUvBtekTFag@mail.gmail.com>
 <864m3zwdro.fsf@desk.des.no>
 <CAFYkXjmgvNz_LpkSJq7AeQp94oXJYvKcttFrYVKLEmmEvwNhkA@mail.gmail.com>
 <86wpgvuwq2.fsf@desk.des.no>
 <CAFYkXjnDe6nuA8QCCnQoDP2CYfcxfH3VWyYXm-Y8x4cWA8FpOw@mail.gmail.com>
 <86shrjuud4.fsf@desk.des.no>
From: CeDeROM <cederom@tlen.pl>
Date: Wed, 26 Oct 2016 15:33:31 +0200
X-Google-Sender-Auth: 86sjYU7gZAuJEiSdzkmxDQRWlVQ
Message-ID: <CAFYkXj=cACm0XJcXkA5Jw1Mq79u43yAU1EpHQ60MqcaRDUfj8A@mail.gmail.com>
Subject: Re: FreeBSD Security Advisory FreeBSD-SA-16:15.sysarch [REVISED]
To: =?UTF-8?Q?Dag=2DErling_Sm=C3=B8rgrav?= <des@des.no>
Cc: "Robert N. M. Watson" <rwatson@freebsd.org>, freebsd-security@freebsd.org, 
 Pawel Jakub Dawidek <pjd@freebsd.org>
Content-Type: text/plain; charset=UTF-8
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.23
Precedence: list
List-Id: "Security issues \[members-only posting\]"
 <freebsd-security.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-security>, 
 <mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security/>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
 <mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 26 Oct 2016 13:33:54 -0000

You have this idea to remove local denial of service advisories.

I can understand that. :-)

My idea is to move them into benchmarks/recommendations such as CIS,
not to /dev/null, as they also provide useful information for users
and administrators. CIS-like organization of the local/configuration
advisories/recommendations would make it centralized and reproducible
way of quick system verification in an automated way. That would not
remove additional work but also would not remove important
information. That would lower the "noise" on SA list and benefit
users/admins in a new way. Just an idea..

Can you understand that? :-)

-- 
CeDeROM, SQ7MHZ, http://www.tomek.cedro.info