Date: Tue, 12 Aug 2003 13:41:13 +0200 From: "Devon H. O'Dell" <dodell@sitetronics.com> To: "'Simon L. Nielsen'" <simon@FreeBSD.org> Cc: security@freebsd.org Subject: RE: realpath(3) et al Message-ID: <005901c360c6$a257a5b0$9f8d2ed5@internal> In-Reply-To: <20030812113147.GA1022@FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help
> The audit fixes from OpenBSD? I have no idea if they keep track of them > in some special way, but I think that integrating whem will require a > lot of looking at CVS commit logs and comparing code. Well I'll see if I can take a look at what they've been doing... I don't follow their project very much (is there someone here who does?) > This is a different issue which I don't think should be mixed with > general auditing, since it's far from a trivial change to support this > (at least so I heard - I haven't looked into it, and I have no plans to > do so). Yes, it is a very different issue than general security auditing, but will greatly increase the stability and security of FreeBSD. AFAIK there are already patches for this for FreeBSD 4.8-REL. However, it is also one that will boost the image of FreeBSD as well as make it more accepted by third-party auditors (who I'd also like to see audit FreeBSD). I would be more than willing to contribute time and energy into seeing this happen -- it only improves security (and the image of FreeBSD) :). Additionally (and somewhat unrelated), Linux was recently audited and given the status "very secure". I'd like to see this done for FreeBSD; some official security "standards" audits would only do good, and I'd be willing to contribute to any project attempting to do so. Kind regards, Devon H. O'Dell Systems and Network Engineer Simpli, Inc. Web Hosting http://www.simpli.biz > -- > Simon L. Nielsen > FreeBSD Documentation Team
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?005901c360c6$a257a5b0$9f8d2ed5>