From owner-freebsd-security  Wed May 15 13:42:54 2002
Delivered-To: freebsd-security@freebsd.org
Received: from lariat.org (lariat.org [63.229.157.2])
	by hub.freebsd.org (Postfix) with ESMTP
	id 6996137B406; Wed, 15 May 2002 13:42:48 -0700 (PDT)
Received: from mustang.lariat.org (IDENT:ppp0.lariat.org@lariat.org [63.229.157.2])
	by lariat.org (8.9.3/8.9.3) with ESMTP id OAA20320;
	Wed, 15 May 2002 14:42:37 -0600 (MDT)
X-message-flag: Warning! Use of Microsoft Outlook may make your system susceptible to Internet worms.
Message-Id: <4.3.2.7.2.20020515144111.0314b860@nospam.lariat.org>
X-Sender: brett@nospam.lariat.org
X-Mailer: QUALCOMM Windows Eudora Version 4.3.2
Date: Wed, 15 May 2002 14:42:33 -0600
To: "Jacques A. Vidrine" <nectar@FreeBSD.org>
From: Brett Glass <brett@lariat.org>
Subject: Re: [Brett Glass] Re: Patch/Announcement for DHCPD remote root
  hole?
Cc: security@FreeBSD.org
In-Reply-To: <20020515193741.GA32329@madman.nectar.cc>
References: <4.3.2.7.2.20020515132148.03139eb0@nospam.lariat.org>
 <4.3.2.7.2.20020515101500.00e7fee0@nospam.lariat.org>
 <4.3.2.7.2.20020509175155.024efc00@nospam.lariat.org>
 <4.3.2.7.2.20020509175155.024efc00@nospam.lariat.org>
 <4.3.2.7.2.20020515101500.00e7fee0@nospam.lariat.org>
 <4.3.2.7.2.20020515132148.03139eb0@nospam.lariat.org>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org

At 01:37 PM 5/15/2002, Jacques A. Vidrine wrote:

>On Wed, May 15, 2002 at 01:25:33PM -0600, Brett Glass wrote:
>> I seem to recall that there's some way to tell /stand/sysinstall to
>> grab packages from -STABLE. But new users won't know that. (*I* don't
>> even remember what magic incantation you have to type in.) 
>
>Then why don't you do something useful, determine exactly what the
>incantation is, and work with a doc committer to get sysinstall
>updated?

Because I doubt that this is possible without a commitment from
the admins to maintain the updated packages in a place that will
be consistent from version to version. There's more to be done here
than just a patch; policy also has to be set.

--Brett


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message