From owner-freebsd-hackers  Mon Jul 12 12:13:18 1999
Delivered-To: freebsd-hackers@freebsd.org
Received: from janus.syracuse.net (janus.syracuse.net [205.232.47.15])
	by hub.freebsd.org (Postfix) with ESMTP id CC60C14F5A
	for <hackers@FreeBSD.org>; Mon, 12 Jul 1999 12:13:09 -0700 (PDT)
	(envelope-from green@FreeBSD.org)
Received: from localhost (green@localhost)
	by janus.syracuse.net (8.9.2/8.8.7) with ESMTP id PAA50660;
	Mon, 12 Jul 1999 15:12:50 -0400 (EDT)
X-Authentication-Warning: janus.syracuse.net: green owned process doing -bs
Date: Mon, 12 Jul 1999 15:12:49 -0400 (EDT)
From: "Brian F. Feldman" <green@FreeBSD.org>
X-Sender: green@janus.syracuse.net
To: Sheldon Hearn <sheldonh@uunet.co.za>
Cc: Doug <Doug@gorean.org>, John Polstra <jdp@polstra.com>,
	imp@village.org, hackers@FreeBSD.org
Subject: Re: a BSD identd 
In-Reply-To: <53426.931766563@axl.noc.iafrica.com>
Message-ID: <Pine.BSF.4.10.9907121509580.50180-100000@janus.syracuse.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-hackers@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

On Mon, 12 Jul 1999, Sheldon Hearn wrote:

> 
> 
> On Sun, 11 Jul 1999 12:47:30 MST, Doug wrote:
> 
> >       Finally, Brian might want to search the bugtraq archives before
> > he commits anything. There have been quite a few identd related
> > discussions, and it would be points in our favor if we didn't come out
> > with anything that had known exploits.
> 
> I like this suggestion. I worry about a trend I'm seeing, with more and
> more people keen to replace existing code with their own virgin code
> which hasn't had any serious field time behind it.
> 
> This seems like a very Linuxy development trend. It's the way the Bazaar
> works, but not in a Cathedral. Rather, you have a look at what's already
> there and try to work on it. You don't start your own wing a few feet
> from the Cathedral in the hopes that someone will bash down a similar
> wing elsewhere and join yours to the main building.

It's "out with the bad, in with the good." Pidentd code is pretty terrible.
The only security concerns with my code were wrt FAKEID, and those were
mostly fixed (mostly meaning that a symlink _may_ be opened, but it won't
be read.) If anyone wants to audit my code for security, I invite them to.
But frankly, I highly doubt anyone will find anything to exploit.
   And, why would bugtraq advisories against other identds apply to my
ident_stream service? This is an entirely different code base.

> 
> Waffle waffle.
> 
> Ciao,
> Sheldon.
> 
> 
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-hackers" in the body of the message
> 

 Brian Fundakowski Feldman      _ __ ___ ____  ___ ___ ___  
 green@FreeBSD.org                   _ __ ___ | _ ) __|   \ 
     FreeBSD: The Power to Serve!        _ __ | _ \._ \ |) |
       http://www.FreeBSD.org/              _ |___/___/___/ 



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message