Date:      Tue, 04 Feb 1997 15:43:46 -0800
From:      "Jordan K. Hubbard" <jkh@time.cdrom.com>
To:        current@freebsd.org
Subject:   Re: Karl fulminates, film at 11.
Message-ID:  <28882.855099826@time.cdrom.com>

OK, for those of you who just came into this and are wondering at this
sudden strange eruption of email in -current, let me just give a
little background and attempt to set this sorry situation in order.

Karl here, displaying his usual characteristic grace and charm, saw
fit to suddenly explode into my mailbox this morning with a diatribe
positively oozing with CAPITAL LETTERS and other such exclamations of
anger and general pants-wetting excitement, and it contained (among
other ravings) a demand that we remove 2.1.6 immediately and declare
it the most open security trap known to man.  You've seen this demand
already, and Karl has reaffirmed it as his opinion.

Now I'd only just seen Joe Greco's article about the crt0 security
hole a couple of hours before, not really having had the chance to
talk to our security officers about it yet, and besides I'm not
exactly the kind of guy to rush off yelling "Yes Sir!  I will kill all
the occupants of this village on the suspicion that some of them may
be dangerous insurgents, Sir!  Of course I'm completely happy to take
your word for it, Sir!"

For a move that drastic, it needs to be discussed in core at the very
minimum.  Not discussed for a month or a week, maybe even just a
couple of hours, but at least *discussed*.  I communicated this to
Karl, saying that nothing should be removed (and I should perhaps have
said *at this stage*, but that's what I meant) and that the problem
should instead be documented so that people could at least make a
*decision* for now to either load and patch the 2.1.6 release or not
load it at all.  I also expected to see some sort of CERT advisory in
the very near term, documenting at least the source code fix and the
vulnerability, so between those two mediums I figured we'd at least
cover the bases for those *new* people contemplating loading the 2.1.6
release.  It's clearly only new ones we're talking about here since
even an immediate 2.1.7 release and removal of 2.1.6 wouldn't save the
installed base a thing.

Anyway, this wasn't good enough for Karl at all and he continued on
with his capslock key and general histrionics until I finally got sick
of it and went off in a corner with Joe Greco to try and discuss
practical solutions rather than how HORRIBLE and AWFUL and BAD the
whole situation was, and how the person responsible should be
publicly scorned and made to wear plaid clothing until the end of
his days.  Karl doesn't like being ignored, however, so now he's taken
it to the -current mailing list where he hopes to drum up additional
fear and probably more than a little loathing about this.

For the record: We *are* going to do something, we're not clueless
about the fact that this is a major security hole and quite possibly
we will even remove 2.1.6 if we cannot supply an effective binary
upgrade for it (which would be a desirable move from the
installed-base point of view, but still not what Karl wants).  Doing a
2.1.7 release is actually easier than it sounds, and I'm going to do
one here just to have one as a backup, if nothing else, but the actual
removal of bits will still have to wait until the core team has at
least had a chance to discuss the matter.  The impact on our 2.1.6
installed base is non-trivial, and simply rolling 2.1.7 and saying "OK
folks, you all have to upgrade with the installer!" is a very, very
painful prospect.  I'd like to have a chance to work out an easier way
of doing it, perhaps as the original package from hell, and I will be
looking at this all night tonight.  There is no one trying to "hide"
from this problem or its ramifications here, and Karl simply can't
face the fact that he rubs people raw by being hostile and abrasive
when there's absolutely no need for it, so he claims it's the issue
I'm trying to avoid rather than simply Karl and his unwonted abuse.

Now that he's taken it public, I thought I'd at least try to explain
what the situation was.  This is the last you'll hear from me on this
topic in -current and any future conversations I have with Karl will
end as they started - in private email.  I won't exchange lightning
bolts in public with this guy again - it's just too old and familiar a
refrain.

						Jordan