From owner-freebsd-security  Wed May 15 14:45:37 2002
Delivered-To: freebsd-security@freebsd.org
Received: from lariat.org (lariat.org [63.229.157.2])
	by hub.freebsd.org (Postfix) with ESMTP id 0243237B403
	for <freebsd-security@FreeBSD.ORG>; Wed, 15 May 2002 14:45:32 -0700 (PDT)
Received: from mustang.lariat.org (IDENT:ppp0.lariat.org@lariat.org [63.229.157.2])
	by lariat.org (8.9.3/8.9.3) with ESMTP id PAA21335;
	Wed, 15 May 2002 15:45:22 -0600 (MDT)
X-message-flag: Warning! Use of Microsoft Outlook may make your system susceptible to Internet worms.
Message-Id: <4.3.2.7.2.20020515153739.030e5740@nospam.lariat.org>
X-Sender: brett@nospam.lariat.org
X-Mailer: QUALCOMM Windows Eudora Version 4.3.2
Date: Wed, 15 May 2002 15:45:16 -0600
To: mlafren@dowco.com, freebsd-security@FreeBSD.ORG
From: Brett Glass <brett@lariat.org>
Subject: RE: Patch/Announcement for DHCPD remote root hole?
In-Reply-To: <200205152131.g4FLVv1J011677@webmail.dowco.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org

At 03:31 PM 5/15/2002, Michael Lafreniere wrote:

>CVS is a programming AND admin tool.

Only for admins that are willing to risk problems on mission-critical
systems. One should not blindly do updates, and certainly not with
cron.

>I don't wanna be an arse but I've been following this list for over 6 
>months now and you seem to get stuck on the same issues over and over 
>again.  Even after you've gotten good solid answers.  

Those "answers" were not solid. In fact, the were not really answers at all. 

They were a combination of elitist remarks (e.g. "Anyone who doesn't 
use CVSup is a lamer") and poor excuses. It's sad that these vocal
few seem to have forgotten what it was like to be a new user of UNIX and 
FreeBSD. Or that they lack the ethical compass to recognize that allowing 
FreeBSD to install, by default, with open remote root holes and not warning 
the user is simply WRONG.

The excuses I've heard here are almost as bad as the excuses Microsoft 
makes for refusing to reveal and patch security holes.

It's sadder still that the flamers have pushed many of those who support
the ideas I'm expressing here into private mail because they don't want
to be flamed.

--Brett


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message