From owner-freebsd-security@FreeBSD.ORG Tue Aug 12 08:21:38 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E956037B40C for ; Tue, 12 Aug 2003 08:21:38 -0700 (PDT) Received: from mail.redstarnetworks.net (www.redstarnetworks.net [216.240.150.218]) by mx1.FreeBSD.org (Postfix) with ESMTP id 44AB243F75 for ; Tue, 12 Aug 2003 08:21:28 -0700 (PDT) (envelope-from chris@redstarnetworks.net) Received: (qmail 80379 invoked by uid 85); 12 Aug 2003 15:18:18 -0000 Received: from chris@redstarnetworks.net by colowww.redstarnetworks.net by uid 0 with qmail-scanner-1.16 (clamscan: 0.54. spamassassin: 2.50. Clear:. Processed in 0.678049 secs); 12 Aug 2003 15:18:18 -0000 Received: from unknown (HELO delllaptop) (208.57.57.9) by mail.redstarnetworks.net with SMTP; 12 Aug 2003 15:18:17 -0000 From: "Chris Odell" To: "'Devon H. O'Dell'" Date: Tue, 12 Aug 2003 08:15:41 -0700 Organization: Red Star Networks, INC Message-ID: <000201c360e4$9a450390$0304a8c0@delllaptop> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook, Build 10.0.2627 In-Reply-To: <009d01c360df$d2afb590$9f8d2ed5@internal> X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 Importance: Normal cc: security@freebsd.org Subject: RE: realpath(3) et al X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: chris@redstarnetworks.net List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 12 Aug 2003 15:21:39 -0000 Corporations - INTERNET Companies... If you look at the big picture, having a O.S. that has been audited for issues would actually be cost effective for them. Having to patch a machine that is in service causes downtime. Lets see - Each machine takes ten (10) minutes of human work to drop into single user mode and install new binaries/kernels The company has one thousand (1000) machines That comes to ten thousand (10000) minutes, broken down to hours - 167 Hours The average admin say is making forty five (45) dollars a hour - over $7000.00 - not including taxes paid by employer. So if one hundred fifty companies donated one thousand dollars (1000) it would save them downtime, payroll, and taxes. Just a rough estimate and my 2 cents Chris Odell chris@redstarnetworks.net -----Original Message----- From: owner-freebsd-security@freebsd.org [mailto:owner-freebsd-security@freebsd.org] On Behalf Of Devon H. O'Dell Sent: Tuesday, August 12, 2003 7:42 AM To: 'Brooks Davis' Cc: security@freebsd.org Subject: RE: realpath(3) et al Okay, so where do we begin with taking contributions? Devon > -----Oorspronkelijk bericht----- > Van: owner-freebsd-security@freebsd.org [mailto:owner-freebsd- > security@freebsd.org] Namens Brooks Davis > Verzonden: Tuesday, August 12, 2003 4:38 PM > Aan: Devon H. O'Dell > CC: security@freebsd.org > Onderwerp: Re: realpath(3) et al > > On Tue, Aug 12, 2003 at 10:24:16AM +0200, Devon H. O'Dell wrote: > > What sorts of security standards commissions are there, how much > > does getting "standards certified" cost, and where should we start? > > I think the ballpark number I heard for a minimal certification under > Common Criteria was $1.5m. > > -- Brooks _______________________________________________ freebsd-security@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"