From owner-freebsd-security@FreeBSD.ORG Tue Aug 12 11:29:45 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 86A0737B401 for ; Tue, 12 Aug 2003 11:29:45 -0700 (PDT) Received: from amsfep12-int.chello.nl (amsfep12-int.chello.nl [213.46.243.18]) by mx1.FreeBSD.org (Postfix) with ESMTP id 49FD643FDD for ; Tue, 12 Aug 2003 11:29:44 -0700 (PDT) (envelope-from dodell@sitetronics.com) Received: from internal ([213.46.141.159]) by amsfep12-int.chello.nl (InterMail vM.5.01.05.17 201-253-122-126-117-20021021) with ESMTP id <20030812182942.CTX1274.amsfep12-int.chello.nl@internal>; Tue, 12 Aug 2003 20:29:42 +0200 From: "Devon H. O'Dell" To: "'Mike Tancsa'" Date: Tue, 12 Aug 2003 20:29:10 +0200 Organization: SiteTronics Message-ID: <00e501c360ff$9ffbc470$9f8d2ed5@internal> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook, Build 10.0.4510 In-Reply-To: <5.2.0.9.0.20030812142811.07fbbc58@209.112.4.2> X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165 Importance: Normal cc: security@freebsd.org Subject: RE: realpath(3) et al X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 12 Aug 2003 18:29:45 -0000 Right, but without some particular initiative drive that the organization is trying to do such a thing, it's difficult to get others to follow in the footsteps. I'd happily be the first to donate to this cause, as long as I knew that others would be doing the same. I sure as hell-fire can't donate 1.5M. I can donate $150. Devon > -----Oorspronkelijk bericht----- > Van: owner-freebsd-security@freebsd.org [mailto:owner-freebsd- > security@freebsd.org] Namens Mike Tancsa > Verzonden: Tuesday, August 12, 2003 8:29 PM > Aan: Devon H. O'Dell > CC: security@freebsd.org > Onderwerp: RE: realpath(3) et al > > At 05:30 PM 12/08/2003 +0200, Devon H. O'Dell wrote: > >not knowing if/when others will be doing the same. There needs to be an > >initiative from the FreeBSD group to get this started -- people need to > be > >able to click a button on the front page of freebsd.org and be able to > >donate as much money as they want (or find out where to send a check). > > There already is. > http://www.freebsdfoundation.org/ > > > > >Should I propose this on freebsd-audit? > > This is more of an advocacy discussion now :-) > > ---Mike > > > >Is there any way I can help other > >than via a monetary contribution? I'd like to do both. > > > >Kind regards, > > > >Devon H. O'Dell > >Systems and Network Engineer > >Simpli, Inc. Web Hosting > >http://www.simpli.biz > > > > > -----Oorspronkelijk bericht----- > > > Van: owner-freebsd-security@freebsd.org [mailto:owner-freebsd- > > > security@freebsd.org] Namens Chris Odell > > > Verzonden: Tuesday, August 12, 2003 5:16 PM > > > Aan: 'Devon H. O'Dell' > > > CC: security@freebsd.org > > > Onderwerp: RE: realpath(3) et al > > > > > > > > > Corporations - INTERNET Companies... > > > > > > If you look at the big picture, having a O.S. that has been audited > > > for issues would actually be cost effective for them. Having to patch > a > > > machine that is in service causes downtime. > > > > > > Lets see - > > > > > > Each machine takes ten (10) minutes of human work to drop into > single > > > user mode and install new binaries/kernels > > > > > > The company has one thousand (1000) machines > > > > > > That comes to ten thousand (10000) minutes, broken down to hours - > 167 > > > Hours > > > > > > The average admin say is making forty five (45) dollars a hour - > over > > > $7000.00 - not including taxes paid by employer. > > > > > > So if one hundred fifty companies donated one thousand dollars (1000) > > > it would save them downtime, payroll, and taxes. > > > > > > Just a rough estimate and my 2 cents > > > > > > > > > Chris Odell > > > chris@redstarnetworks.net > > > > > > > > > -----Original Message----- > > > From: owner-freebsd-security@freebsd.org > > > [mailto:owner-freebsd-security@freebsd.org] On Behalf Of Devon H. > O'Dell > > > Sent: Tuesday, August 12, 2003 7:42 AM > > > To: 'Brooks Davis' > > > Cc: security@freebsd.org > > > Subject: RE: realpath(3) et al > > > > > > > > > Okay, so where do we begin with taking contributions? > > > > > > Devon > > > > > > > -----Oorspronkelijk bericht----- > > > > Van: owner-freebsd-security@freebsd.org [mailto:owner-freebsd- > > > > security@freebsd.org] Namens Brooks Davis > > > > Verzonden: Tuesday, August 12, 2003 4:38 PM > > > > Aan: Devon H. O'Dell > > > > CC: security@freebsd.org > > > > Onderwerp: Re: realpath(3) et al > > > > > > > > On Tue, Aug 12, 2003 at 10:24:16AM +0200, Devon H. O'Dell wrote: > > > > > What sorts of security standards commissions are there, how much > > > > > does getting "standards certified" cost, and where should we start? > > > > > > > > I think the ballpark number I heard for a minimal certification > under > > > > Common Criteria was $1.5m. > > > > > > > > -- Brooks > > > > > > _______________________________________________ > > > freebsd-security@freebsd.org mailing list > > > http://lists.freebsd.org/mailman/listinfo/freebsd-security > > > To unsubscribe, send any mail to > > > "freebsd-security-unsubscribe@freebsd.org" > > > > > > _______________________________________________ > > > freebsd-security@freebsd.org mailing list > > > http://lists.freebsd.org/mailman/listinfo/freebsd-security > > > To unsubscribe, send any mail to "freebsd-security- > > > unsubscribe@freebsd.org" > > > >_______________________________________________ > >freebsd-security@freebsd.org mailing list > >http://lists.freebsd.org/mailman/listinfo/freebsd-security > >To unsubscribe, send any mail to "freebsd-security- > unsubscribe@freebsd.org" > > _______________________________________________ > freebsd-security@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-security > To unsubscribe, send any mail to "freebsd-security- > unsubscribe@freebsd.org"