From owner-freebsd-security  Tue Oct  3  0:31:54 2000
Delivered-To: freebsd-security@freebsd.org
Received: from homer.softweyr.com (bsdconspiracy.net [208.187.122.220])
	by hub.freebsd.org (Postfix) with ESMTP id CD67D37B502
	for <security@freebsd.org>; Tue,  3 Oct 2000 00:31:49 -0700 (PDT)
Received: from localhost
	([127.0.0.1] helo=softweyr.com ident=Fools trust ident!)
	by homer.softweyr.com with esmtp (Exim 3.16 #1)
	id 13gMhN-000PMT-00; Tue, 03 Oct 2000 01:41:13 -0600
Message-ID: <39D98D98.B0627C08@softweyr.com>
Date: Tue, 03 Oct 2000 01:41:12 -0600
From: Wes Peters <wes@softweyr.com>
Organization: Softweyr LLC
X-Mailer: Mozilla 4.75 [en] (X11; U; FreeBSD 4.1-STABLE i386)
X-Accept-Language: en
MIME-Version: 1.0
To: Warner Losh <imp@village.org>
Cc: Jordan Hubbard <jkh@winston.osd.bsdi.com>, security@FreeBSD.ORG
Subject: Re: Security and FreeBSD, my overall perspective
References: <2376.970339459@winston.osd.bsdi.com> <200009302258.QAA13969@harmony.village.org>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

Warner Losh wrote:
> 
> :        (b) Add a new field to the ports infrastructure which indicates
> :          level of "trust" the project/security people have in that
> :          port.  E.g. instead of having one big knob rather off-puttingly
> :          labelled 'FORBIDDEN', have a 'TRUST' or 'SECURITY_LEVEL' variable
> :          which goes from 1 to 10.  Then the ports infrastructure can, if
> :          it wishes to, issue warnings of varying severity based on the
> :          trust level.
> 
> 1 to 10 is too many levels.  But I'm not sure what the right number
> is, so let's assume it is N and move on.

N == 3 { 'green', 'yellow', 'red' }.  If you're feeling like a telco, throw
'blue' in there somewhere, though nobody really seems to understand what
'blue' really means.

-- 
            "Where am I, and what am I doing in this handbasket?"

Wes Peters                                                         Softweyr LLC
wes@softweyr.com                                           http://softweyr.com/


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message