From owner-freebsd-security@FreeBSD.ORG Tue Aug 12 11:27:14 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4ADD237B401 for ; Tue, 12 Aug 2003 11:27:14 -0700 (PDT) Received: from lava.sentex.ca (pyroxene.sentex.ca [199.212.134.18]) by mx1.FreeBSD.org (Postfix) with ESMTP id 7870D43FBD for ; Tue, 12 Aug 2003 11:27:13 -0700 (PDT) (envelope-from mike@sentex.net) Received: from simian.sentex.net (simeon.sentex.ca [192.168.43.27]) by lava.sentex.ca (8.12.9/8.12.8) with ESMTP id h7CIRB21080629; Tue, 12 Aug 2003 14:27:12 -0400 (EDT) (envelope-from mike@sentex.net) Message-Id: <5.2.0.9.0.20030812142811.07fbbc58@209.112.4.2> X-Sender: mdtpop@209.112.4.2 (Unverified) X-Mailer: QUALCOMM Windows Eudora Version 5.2.0.9 Date: Tue, 12 Aug 2003 14:29:24 -0400 To: "Devon H. O'Dell" From: Mike Tancsa In-Reply-To: <00bc01c360e6$b2ac0b70$9f8d2ed5@internal> References: <000201c360e4$9a450390$0304a8c0@delllaptop> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed X-Virus-Scanned: By Sentex Communications (lava/20020517) cc: security@freebsd.org Subject: RE: realpath(3) et al X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 12 Aug 2003 18:27:14 -0000 At 05:30 PM 12/08/2003 +0200, Devon H. O'Dell wrote: >not knowing if/when others will be doing the same. There needs to be an >initiative from the FreeBSD group to get this started -- people need to be >able to click a button on the front page of freebsd.org and be able to >donate as much money as they want (or find out where to send a check). There already is. http://www.freebsdfoundation.org/ >Should I propose this on freebsd-audit? This is more of an advocacy discussion now :-) ---Mike >Is there any way I can help other >than via a monetary contribution? I'd like to do both. > >Kind regards, > >Devon H. O'Dell >Systems and Network Engineer >Simpli, Inc. Web Hosting >http://www.simpli.biz > > > -----Oorspronkelijk bericht----- > > Van: owner-freebsd-security@freebsd.org [mailto:owner-freebsd- > > security@freebsd.org] Namens Chris Odell > > Verzonden: Tuesday, August 12, 2003 5:16 PM > > Aan: 'Devon H. O'Dell' > > CC: security@freebsd.org > > Onderwerp: RE: realpath(3) et al > > > > > > Corporations - INTERNET Companies... > > > > If you look at the big picture, having a O.S. that has been audited > > for issues would actually be cost effective for them. Having to patch a > > machine that is in service causes downtime. > > > > Lets see - > > > > Each machine takes ten (10) minutes of human work to drop into single > > user mode and install new binaries/kernels > > > > The company has one thousand (1000) machines > > > > That comes to ten thousand (10000) minutes, broken down to hours - 167 > > Hours > > > > The average admin say is making forty five (45) dollars a hour - over > > $7000.00 - not including taxes paid by employer. > > > > So if one hundred fifty companies donated one thousand dollars (1000) > > it would save them downtime, payroll, and taxes. > > > > Just a rough estimate and my 2 cents > > > > > > Chris Odell > > chris@redstarnetworks.net > > > > > > -----Original Message----- > > From: owner-freebsd-security@freebsd.org > > [mailto:owner-freebsd-security@freebsd.org] On Behalf Of Devon H. O'Dell > > Sent: Tuesday, August 12, 2003 7:42 AM > > To: 'Brooks Davis' > > Cc: security@freebsd.org > > Subject: RE: realpath(3) et al > > > > > > Okay, so where do we begin with taking contributions? > > > > Devon > > > > > -----Oorspronkelijk bericht----- > > > Van: owner-freebsd-security@freebsd.org [mailto:owner-freebsd- > > > security@freebsd.org] Namens Brooks Davis > > > Verzonden: Tuesday, August 12, 2003 4:38 PM > > > Aan: Devon H. O'Dell > > > CC: security@freebsd.org > > > Onderwerp: Re: realpath(3) et al > > > > > > On Tue, Aug 12, 2003 at 10:24:16AM +0200, Devon H. O'Dell wrote: > > > > What sorts of security standards commissions are there, how much > > > > does getting "standards certified" cost, and where should we start? > > > > > > I think the ballpark number I heard for a minimal certification under > > > Common Criteria was $1.5m. > > > > > > -- Brooks > > > > _______________________________________________ > > freebsd-security@freebsd.org mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-security > > To unsubscribe, send any mail to > > "freebsd-security-unsubscribe@freebsd.org" > > > > _______________________________________________ > > freebsd-security@freebsd.org mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-security > > To unsubscribe, send any mail to "freebsd-security- > > unsubscribe@freebsd.org" > >_______________________________________________ >freebsd-security@freebsd.org mailing list >http://lists.freebsd.org/mailman/listinfo/freebsd-security >To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"