From owner-cvs-all Sat Jan 13 16:46: 5 2001 Delivered-To: cvs-all@freebsd.org Received: from earth.backplane.com (placeholder-dcat-1076843399.broadbandoffice.net [64.47.83.135]) by hub.freebsd.org (Postfix) with ESMTP id C113037B404; Sat, 13 Jan 2001 16:45:37 -0800 (PST) Received: (from dillon@localhost) by earth.backplane.com (8.11.1/8.9.3) id f0E0jPS36713; Sat, 13 Jan 2001 16:45:25 -0800 (PST) (envelope-from dillon) Date: Sat, 13 Jan 2001 16:45:25 -0800 (PST) From: Matt Dillon Message-Id: <200101140045.f0E0jPS36713@earth.backplane.com> To: Mark Murray Cc: Doug Barton , Robert Watson , cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: Re: cvs commit: src/etc crontab rc src/etc/defaults rc.conf src/etc/mtree BSD.root.dist src/libexec Makefile src/libexec/save-entropy Makefile save-entropy.sh References: <200101140007.f0E07G336509@earth.backplane.com> <200101140033.f0E0X4I21880@gratis.grondar.za> Sender: owner-cvs-all@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG : :> It is inappropriate to force the entire developer community to hack up :> their configurations to 'avoid' a problem that should not exist by :> default. : :A problem we avoid is sshd getting predictable numbers and being :compromised. Which is meaningless since production machines are running 4.2. And also meaningless because sshd is not started until much later in the boot process... so all the hell of the hacks to the early-rc code has nothing to do with sshd. :> There is a big difference. One creates havoc, one creates a smooth :> development path. Doug and Mark have chosen the wrong path. : :Actually, Matt, we have chosen the above path. You just don't believe us :because we haven't finished. : :You also ignore the security officer's input in this whole thing. : :M :-- :Mark Murray And you've happily left the tree broken while you debated it, instead of making it opt-in right away as you should have done in the first place. I'm still waiting for that commit. -Matt To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message