From owner-freebsd-security Wed Oct 2 12: 1:14 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id B748737B401 for ; Wed, 2 Oct 2002 12:01:12 -0700 (PDT) Received: from fubar.adept.org (fubar.adept.org [63.147.172.249]) by mx1.FreeBSD.org (Postfix) with ESMTP id 4C9BD43E77 for ; Wed, 2 Oct 2002 12:01:12 -0700 (PDT) (envelope-from mike@adept.org) Received: by fubar.adept.org (Postfix, from userid 1001) id E6F67154D5; Wed, 2 Oct 2002 11:58:32 -0700 (PDT) Received: from localhost (localhost [127.0.0.1]) by fubar.adept.org (Postfix) with ESMTP id E6293154D3; Wed, 2 Oct 2002 11:58:32 -0700 (PDT) Date: Wed, 2 Oct 2002 11:58:32 -0700 (PDT) From: Mike Hoskins To: Brian Behlendorf Cc: Klaus Steden , Subject: Re: tar/security best practice (was Re: RE: Is FreeBSD's tar susceptible to this?) In-Reply-To: <20021001183010.E58068-100000@yez.hyperreal.org> Message-ID: <20021002115522.S71488-100000@fubar.adept.org> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Tue, 1 Oct 2002, Brian Behlendorf wrote: > Oh, that would be a pain, wouldn't it? > Like someone said, POLA. In all fairness, taking action that could potentially allow malicious manipulation of filesystems probably isn't very POLA. ;) Really though, I don't see what all the fuss is about. Someone's said we'll have an RC3. I don't understand the huge rush to get new releases out the door (don't in my own company either). It'll be released when it's ready, that's why it's called a 'release'. If we need one more, or ten more RCs... I don't care. It means things are getting fixed while we're waiting. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message