From owner-freebsd-security@FreeBSD.ORG Tue Aug 12 08:36:02 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id DDC1237B401 for ; Tue, 12 Aug 2003 08:36:02 -0700 (PDT) Received: from otter3.centtech.com (moat3.centtech.com [207.200.51.50]) by mx1.FreeBSD.org (Postfix) with ESMTP id D31E543FBF for ; Tue, 12 Aug 2003 08:36:01 -0700 (PDT) (envelope-from anderson@centtech.com) Received: from centtech.com (dhcp-181.centtech.com [204.177.173.181]) by otter3.centtech.com (8.12.3/8.12.3) with ESMTP id h7CFa056022110; Tue, 12 Aug 2003 10:36:01 -0500 (CDT) (envelope-from anderson@centtech.com) Message-ID: <3F390945.8060509@centtech.com> Date: Tue, 12 Aug 2003 10:35:33 -0500 From: Eric Anderson User-Agent: Mozilla/5.0 (X11; U; Linux i386; en-US; rv:1.4) Gecko/20030624 Netscape/7.1 X-Accept-Language: en-us, en MIME-Version: 1.0 To: chris@redstarnetworks.net References: <000201c360e4$9a450390$0304a8c0@delllaptop> In-Reply-To: <000201c360e4$9a450390$0304a8c0@delllaptop> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit cc: "'Devon H. O'Dell'" cc: security@freebsd.org Subject: Re: realpath(3) et al X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 12 Aug 2003 15:36:03 -0000 Chris Odell wrote: > > Corporations - INTERNET Companies... > > If you look at the big picture, having a O.S. that has been audited > for issues would actually be cost effective for them. Having to patch a > machine that is in service causes downtime. > > Lets see - > > Each machine takes ten (10) minutes of human work to drop into single > user mode and install new binaries/kernels > > The company has one thousand (1000) machines > > That comes to ten thousand (10000) minutes, broken down to hours - 167 > Hours > > The average admin say is making forty five (45) dollars a hour - over > $7000.00 - not including taxes paid by employer. > > So if one hundred fifty companies donated one thousand dollars (1000) > it would save them downtime, payroll, and taxes. > > Just a rough estimate and my 2 cents Unfortunately, you're assuming there are 150 companies with 1000 FreeBSD machines, that have an admin getting paid $90k/yr. I think you'd have better luck raising $50 from 3000 people to achieve that same amount of money, but still I believe it would be very hard. Eric -- ------------------------------------------------------------------ Eric Anderson Systems Administrator Centaur Technology Attitudes are contagious, is yours worth catching? ------------------------------------------------------------------