From owner-freebsd-security Mon Jul 20 20:11:29 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id UAA25746 for freebsd-security-outgoing; Mon, 20 Jul 1998 20:11:29 -0700 (PDT) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from lariat.lariat.org (ppp1000.lariat.org@[206.100.185.2]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id UAA25735 for ; Mon, 20 Jul 1998 20:11:27 -0700 (PDT) (envelope-from brett@lariat.org) Received: (from brett@localhost) by lariat.lariat.org (8.8.8/8.8.8) id VAA00475; Mon, 20 Jul 1998 21:11:05 -0600 (MDT) Message-Id: <199807210311.VAA00475@lariat.lariat.org> X-Sender: brett@mail.lariat.org X-Mailer: QUALCOMM Windows Eudora Pro Version 4.0.1 Date: Mon, 20 Jul 1998 21:11:01 -0600 To: Jon Hamilton From: Brett Glass Subject: Re: Why is there no info on the QPOPPER hack? Cc: "Matthew N. Dodd" , "Christopher G. Petrilli" , "Gentry A. Bieker" , security@FreeBSD.ORG In-Reply-To: <199807210238.UAA29812@lariat.lariat.org> References: Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org At 09:40 PM 7/20/98 -0500, Jon Hamilton wrote: >I still think you're just ranting. What does it mean to "have been >potentially compromised" anyway? It means that many of these systems are still just WAITING to be broken into. There could be a lot more damage done -- we're talking millions of dollars' worth. >Maybe you've been working too long and too hard cleaning up after your >breakin. CVSup would work fine for what you're talking about, you'd just >have to have a different tag which only got "known good patches for >significant problems". Of course, this would still have the problem of >being a "pull" model, so you'd have to check "often enough". Which means, given the typical e-mail volume an administrator must handle, many people would not "pull" in time. I'd rather have a "push" model with the ability to back out or opt out. >You'd also have to be damn sure you trusted the person doing the checkins, Anyone who runs FreeBSD already places a lot of trust in the maintainers. >and >you'd have to be sure that you were in fact talking to the server you >decided to trust. Easily accomplished via cryptography. >And you'd have to be certain that you trusted the patch >as applied, both that it solved the problem it was meant to solve, and >that it didn't introduce some other bogosity. Most of these should be >red flags shouting out that you don't really want to automate this >process, but I don't imagine that'll slow you down much. I would rather automate it than see delays, break-ins, and duplicated effort. --Brett Glass To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe security" in the body of the message