From owner-freebsd-commit Wed Aug 2 04:39:28 1995
Return-Path: commit-owner
Received: (from majordom@localhost) by freefall.cdrom.com (8.6.11/8.6.6) id EAA03866 for commit-outgoing; Wed, 2 Aug 1995 04:39:28 -0700
Received: (from majordom@localhost) by freefall.cdrom.com (8.6.11/8.6.6) id EAA03850 for cvs-libexec-outgoing; Wed, 2 Aug 1995 04:39:25 -0700
Received: from time.cdrom.com (time.cdrom.com [192.216.222.226]) by freefall.cdrom.com (8.6.11/8.6.6) with ESMTP id EAA03828 ; Wed, 2 Aug 1995 04:39:06 -0700
Received: from localhost (localhost [127.0.0.1]) by time.cdrom.com (8.6.11/8.6.9) with SMTP id EAA03052; Wed, 2 Aug 1995 04:39:02 -0700
To: paul@freebsd.org
cc: pst@shockwave.com, jkh@freefall.cdrom.com, CVS-commiters@freefall.cdrom.com, cvs-libexec@freefall.cdrom.com
Subject: Re: cvs commit: src/libexec/getty gettytab.5 main.c
In-reply-to: Your message of "Wed, 02 Aug 1995 10:56:49 BST." <199508020956.KAA12591@server.netcraft.co.uk>
Date: Wed, 02 Aug 1995 04:39:02 -0700
Message-ID: <3050.807363542@time.cdrom.com>
From: "Jordan K. Hubbard"
Sender: commit-owner@freebsd.org
Precedence: bulk

> The correct response would have been to explain to this user that it
> was firmly recommended not to do that for security reasons.

Sigh. Conversations like this never cease to amaze me. What are we *arguing* about here, people??

In this instance we have "the security risk" I've introduced by giving the user the ability to change the default login banner.

Wait a minute. What used to be there before? It was "FreeBSD (some.host.name) (ttyxx)", I believe, before all this ruckus got raised. Now this DOES tell us we're running FreeBSD, does it not?

Sheesh. I don't *need* the version number! I know the project's only released 4 major releases and statistics would tend to lean towards 2.0 and 2.0.5, so I have all of *two* variations to try in my attack. Boy, challenge me big time, why don't ya! :-) Heck, if those don't work then I'll try my variation for -current and get just about everybody I missed on the first pass.

All the technology is openly available, and if someone wants in based on a version-specific flaw then it's pretty obvious what they're going to do upon encountering a FreeBSD system with no stated revision level: Try it. If it works, they're in. If it doesn't, they try the next trick in their bag or give up when they're out of tricks. A stated revision changes *nothing*.

I'm sorry, this argument has gotten entirely too silly. I'm outta here.

Jordan