From owner-freebsd-security Mon Jul 20 16:53:05 1998
Message-Id: <199807202352.RAA27271@lariat.lariat.org>
Date: Mon, 20 Jul 1998 17:52:20 -0600
To: "Matthew N. Dodd"
From: Brett Glass
Subject: Re: Why is there no info on the QPOPPER hack?
Cc: "Christopher G. Petrilli", "Gentry A. Bieker", security@FreeBSD.ORG
References: <199807201828.MAA21514@lariat.lariat.org>

Thousands (maybe tens or hundreds of thousands) of systems have been
potentially compromised because that code was in the FreeBSD Ports library.
I'd find it hard to believe that such a scheme would do anything but improve
the odds that the hole would be closed.

And, no, CVSup is not an answer. On production machines, you don't want to
CVSup to the latest version -- you just want to pick up known good patches
for significant problems.

--Brett

At 05:40 PM 7/20/98 -0400, Matthew N. Dodd wrote:
>
> This sort of thing tends to go over poorly at security audits and with
> people whose heads are on the line when things break.
>
> I'm not willing to trust a 3rd party with that level of control of my
> system.
>
> Nobody should be that trusting.
>
> Just think of what would happen if the update process was compromised.
>
> On Mon, 20 Jul 1998, Brett Glass wrote:
>> I'd go further. I'd be willing to allow an INSTANT automatic upgrade
>> if the FreeBSD Security Manager sent a message, digitally signed with
>> a nice, long key, saying that a serious exploit might be imminent. It'd
>> be worth the risk. In the case of the QPopper hole, it would have been
>> the Right Thing.
>>
>> The feature would, of course, be optional. Not everyone would turn it on,
>> but *I* would.
>
> /*
>  Matthew N. Dodd           | A memory retaining a love you had for life
>  winter@jurai.net          | As cruel as it seems nothing ever seems to
>  http://www.jurai.net/~winter | go right - FLA M 3.1:53
> */