From owner-freebsd-stable  Mon Sep  6 10:43:14 1999
Delivered-To: freebsd-stable@freebsd.org
Received: from dt011n65.san.rr.com (dt010nb9.san.rr.com [204.210.12.185])
	by hub.freebsd.org (Postfix) with ESMTP id BAC5F14E3B
	for <freebsd-stable@freebsd.org>; Mon,  6 Sep 1999 10:43:09 -0700 (PDT)
	(envelope-from Doug@gorean.org)
Received: from gorean.org (master [10.0.0.2])
	by dt011n65.san.rr.com (8.9.3/8.8.8) with ESMTP id KAA95309;
	Mon, 6 Sep 1999 10:42:46 -0700 (PDT)
	(envelope-from Doug@gorean.org)
Message-ID: <37D3FD16.F976D8A8@gorean.org>
Date: Mon, 06 Sep 1999 10:42:46 -0700
From: Doug <Doug@gorean.org>
Organization: Triborough Bridge & Tunnel Authority
X-Mailer: Mozilla 4.61 [en] (X11; U; FreeBSD 4.0-CURRENT-0904 i386)
X-Accept-Language: en
MIME-Version: 1.0
To: Brad Knowles <blk@skynet.be>
Cc: Pascal Hofstee <daeron@Wit401305.student.utwente.nl>,
	freebsd-stable@freebsd.org
Subject: Re: softupdates in latest build?
References: <Pine.BSF.4.10.9909061421050.6342-100000@shadowmere.student.utwente.nl> <v04205526b3f9964ac159@[195.238.1.121]>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-stable@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

	Please don't cross post to -questions and -stable. If your issue is
pertinent to -stable you should post it there. 

Brad Knowles wrote:
> 
> At 2:22 PM +0200 1999/9/6, Pascal Hofstee wrote:
> 
> > As has been stated several times before and can also be read in the
> > UPDATING file (at least on 4.0-CURRENT)
> 
>         I read the /usr/src/UPDATING file, and noted a number of things
> had changed.  Once I got make world finally done (after about three
> hours), I rebooted and started work on configuring my new kernel.

	You should always make the new kernel before rebooting. Changes between
kernel and userland can cause you big problems. 

>         I ran into some problems with a number of things that had changed
> in the format of kernel configs, but the biggest thing I've run
> across so far is the fact that Berkeley Packet Filtering (bpf) is now
> enabled by default, as opposed to disabled by default.
> 
>         This opens a *huge* security risk

	Someone else already mentioned that if you expect to track -stable you
need to read the list. This has been discussed to death already, and the
only risk it opens up is for those whose machines have already had a root
compromise. The feeling is that if you're already that far down the road,
the person can enable bpf if they really want it. 

> Are we really sure that the FreeBSD Inc. has
> sufficiently increased it's liability insurance to cover the
> potentially multi-million dollar lawsuits that might result from this
> change?

	I hope that this is a joke, but just in case it isn't, the copyright
_clearly_ states that the software is provided AS IS. You assume _all_
responsibility for its use, misuse, abuse, reuse, and any other kind of use
you can think of. 

Hope this helps,

Doug


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message