From owner-cvs-all  Thu Jan 16 10:51:20 2003
Delivered-To: cvs-all@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP
	id 6618837B401; Thu, 16 Jan 2003 10:51:19 -0800 (PST)
Received: from elvis.mu.org (elvis.mu.org [192.203.228.196])
	by mx1.FreeBSD.org (Postfix) with ESMTP
	id 0C41643ED8; Thu, 16 Jan 2003 10:51:19 -0800 (PST)
	(envelope-from bright@elvis.mu.org)
Received: by elvis.mu.org (Postfix, from userid 1192)
	id ABCF9AE027; Thu, 16 Jan 2003 10:51:15 -0800 (PST)
Date: Thu, 16 Jan 2003 10:51:15 -0800
From: Alfred Perlstein <bright@mu.org>
To: Nate Lawson <nate@root.org>
Cc: Martin Blapp <mb@imp.ch>, cvs-all@FreeBSD.org,
	cvs-committers@FreeBSD.org
Subject: Re: cvs commit: src/usr.sbin/mountd mountd.c src/usr.sbin/rpc.lockd lockd.c src/usr.sbin/rpc.statd statd.c src/usr.sbin/rpc.yppasswdd yppasswdd_main.c src/usr.sbin/rpcbind rpcb_svc_com
Message-ID: <20030116185115.GQ33821@elvis.mu.org>
References: <20030116185752.L98919@levais.imp.ch> <Pine.BSF.4.21.0301161015050.46845-100000@root.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <Pine.BSF.4.21.0301161015050.46845-100000@root.org>
User-Agent: Mutt/1.4i
Sender: owner-cvs-all@FreeBSD.ORG
Precedence: bulk
List-ID: <cvs-all.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20cvs-all>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20cvs-all>
X-Loop: FreeBSD.ORG

In the light of the security issues here and request for silence
about the issue, perhaps we can post a followup to -developers after
such a commit and at a later date follow up with a forced commit
when things are "safe" to completely explain the issue.

-Alfred

* Nate Lawson <nate@root.org> [030116 10:23] wrote:
> On Thu, 16 Jan 2003, Martin Blapp wrote:
> > Nate Lawson wrote: 
> > > Please use a longer MFC period than 1 day for something which touches
> > > a major library component and many user programs.  In particular, changes
> > > like this could use testing:
> > 
> > Of course you are right and it would be better to have this in the tree for
> > 2-3 weeks before MCF.
> > 
> > This is a security fix, and has been in question since two weeks. I'm mailed re
> > about  it and unfortunatly it took so long. We (Re and I) did extensivly
> > test this change.
> 
> I don't think I understand.  Please give more information on the
> commits:
> 
> * "Implement non-blocking tcp-connections. MFC: 1 day"
> * MFC of the above, 2 hours later
> * "Fix memleak. MFC: 2 weeks"
> * MFC of the above, 13 minutes later
> 
> I have a hard time believing that adding non-blocking tcp connections is a
> security fix.  At the very least, you should use a much more verbose
> commit message for such a large change.
> 
> -Nate

-- 
-Alfred Perlstein [alfred@freebsd.org]
'Instead of asking why a piece of software is using "1970s technology,"
 start asking why software is ignoring 30 years of accumulated wisdom.'

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message