Date: Fri, 14 Feb 2003 20:55:55 -0500 From: Paul Murphy <pnmurphy@cogeco.ca> To: "Simon 'portlint' Schubert" <corecode@corecode.ath.cx> Cc: markp@FreeBSD.ORG, Yonatan@xpert.com, freebsd-ports-bugs@FreeBSD.ORG, Will Andrews <will@csociety.org> Subject: Re: ports/48132: new port: log keystrokes of remote X servers Message-ID: <20030214205555.7b00f7be.pnmurphy@cogeco.ca> In-Reply-To: <20030214183226.75f1a8cc.corecode@corecode.ath.cx> References: <200302141219.h1ECJwik058765@freefall.freebsd.org> <20030214103226.07ec814b.pnmurphy@cogeco.ca> <20030214183226.75f1a8cc.corecode@corecode.ath.cx>
next in thread | previous in thread | raw e-mail | index | archive | help
--=.dHPRPsIAAkU5vV Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit On Fri, 14 Feb 2003 18:32:26 +0100 "Simon 'portlint' Schubert" <corecode@corecode.ath.cx> wrote: > Lately Paul Murphy told: > > > I guess it's a bit late to ask now, but is there any _legitimate_ > > use for this port? If not, do we want to encourage this sort of > > thing? Are ports simply committed because they compile on FreeBSD > > without any consideration at to the ethics of them? > > which ethics? who is to decide upon that? we got security analyzers > and port scanners too. and wow, rm is even in the base system and can > be used by root to delete user's files! > Common sense? Committors? Can xspy only be run as root? Can root rm files on a remote system? On Fri, 14 Feb 2003 10:33:17 -0800 Will Andrews <will@csociety.org> wrote: > > FreeBSD only provides the ports -- ethics policies are a > system/network administrator's responsibility. > "He took water, and washed his hands before the multitude, saying, I am innocent of the blood of this just person; see ye to it." Matt. xxvii:24 > FreeBSD's policy in this respect is and has always been > "tools, not policy". Note that FreeBSD provides things like > airsnort, tcpdump, dsniff, ethereal, and so on. > > Almost any application can be coerced into doing something that > might be considered illegal. So why discriminate among them? > Such discrimination can be legally troublesome. That's why I prefaced my comment with the question 'any _legitimate_ use?'. Port scanners, tcpdump, ethereal (and even rm) have uses for debugging and security audits (I don't know about the others). I can only think xspy would be used for sniffing passwords. If a port were proposed that _actually_ did something illegal, under the above 'policies' it would have to be committed. I am just wondering if there is 'a line', who judges it, and what it takes to cross it. I think there is (should be) and the committors have (should have) some responsibility for it. If there is no other use for xspy than sniffing others' privacy then it has crossed it. p.s. To the developer of xspy, I apologize, I am not particularly picking on this port. It was just the one that brought these questions to mind. -- Cogeco ergo sum --=.dHPRPsIAAkU5vV Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (FreeBSD) iD8DBQE+TZ4yTv5Mxsi/WPMRAs9sAJ9B3X8NC3eFJt2oiixPjFSKanGm9ACgmQ3h 68c1cpe+NR6ypbavMBMOVnA= =mONj -----END PGP SIGNATURE----- --=.dHPRPsIAAkU5vV-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ports-bugs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030214205555.7b00f7be.pnmurphy>