From owner-freebsd-security Wed May 30 10:18:13 2001 Delivered-To: freebsd-security@freebsd.org Received: from prox.centtech.com (moat2.centtech.com [206.196.95.21]) by hub.freebsd.org (Postfix) with ESMTP id BDC9437B423 for ; Wed, 30 May 2001 10:18:08 -0700 (PDT) (envelope-from anderson@centtech.com) Received: (from smap@localhost) by prox.centtech.com (8.9.3+Sun/8.9.3) id JAA14275; Wed, 30 May 2001 09:14:05 -0500 (CDT) Received: from sprint.centtech.com(10.177.173.31) by prox via smap (V2.1+anti-relay+anti-spam) id xma014199; Wed, 30 May 01 09:13:43 -0500 Received: from centtech.com (proton [10.177.173.77]) by sprint.centtech.com (8.9.3+Sun/8.9.3) with ESMTP id JAA22821; Wed, 30 May 2001 09:13:43 -0500 (CDT) Message-ID: <3B150017.890B2B70@centtech.com> Date: Wed, 30 May 2001 09:13:43 -0500 From: Eric Anderson Reply-To: anderson@centtech.com Organization: Centaur Technology X-Mailer: Mozilla 4.77 [en] (X11; U; Linux 2.2.14-5.0smp i686) X-Accept-Language: en MIME-Version: 1.0 To: rich@rdrose.org Cc: freebsd-security@freebsd.org Subject: Re: freebsd rootkit References: Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org I think it was supposed to be a joke. rich@rdrose.org wrote: > > On Wed, 30 May 2001, Andrew Barros wrote: > > Someone should add it in ports. > > Now, to me, that seems like a *reallly* bad idea. Imagine the situation: > Some not so nice person keeps an eye on the ports tree for software with > vulnerabilites that are not yet fixed, or indeed uses FreeBSD and keeps an > up to date ports tree. They will see the words "rootkit". > > Can you imagine that? The look on their face. They'll re-read it. They'll > stop and think for a moment. They'll re-read it again. Then, this thought > will fly through their mind: "If I ever break into a FreeBSD machine, I've > got a free rootkit. I don't even need to bother covering my tracks > cleverly anymore". > > I would suggest *not* putting the rootkit in the ports tree, if only to > save those who have only just installed FreeBSD and are just learning the > Unix world. > > rik > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message -- ------------------------------------------------------------------------------- Eric Anderson anderson@centtech.com Centaur Technology (512) 418-5792 The idea is to die young as late as possible. ------------------------------------------------------------------------------- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message