Date: Wed, 01 Dec 1999 17:47:25 -0800 From: "Jordan K. Hubbard" <jkh@zippy.cdrom.com> To: Brock Tellier <btellier@usa.net> Cc: Bill Swingle <unfurl@dub.net>, security@FreeBSD.ORG Subject: Re: [Re: [btellier@USA.NET: Several FreeBSD-3.3 vulnerabilities] ] Message-ID: <36932.944099245@zippy.cdrom.com> In-Reply-To: Your message of "01 Dec 1999 13:02:57 MST." <19991201200257.17312.qmail@nwcst313.netaddress.usa.net>
next in thread | previous in thread | raw e-mail | index | archive | help
> Personally, I don't think it is at all unreasonable to do a full 2700 port > install via sysinstall and audit the 200 or so suid-programs. I'm not arguing this at all, I'm simply saying that these issues should be brought up with the 200 or so maintainers of those suid-programs in ports. The security officer hasn't a prayer of addressing all of these and the core parts of FreeBSD as well and this is one of those areas where delegation and "distributed processing" is a necessity. Issues with ports need to be raised with the appropriate ports people. - Jordan To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?36932.944099245>