From owner-freebsd-security@FreeBSD.ORG Thu Jul 21 10:13:54 2005 Return-Path: X-Original-To: freebsd-security@freebsd.org Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2BBFF16A41F; Thu, 21 Jul 2005 10:13:54 +0000 (GMT) (envelope-from dd@freebsd.org) Received: from charade.trit.org (charade.trit.org [65.19.139.44]) by mx1.FreeBSD.org (Postfix) with ESMTP id 407C743D68; Thu, 21 Jul 2005 10:13:39 +0000 (GMT) (envelope-from dd@freebsd.org) Received: from maverick.trit.org (rtr-fe0.irvca.networksinmotion.com [71.129.107.129]) by charade.trit.org (Postfix) with ESMTP id 94CA51AF4C9; Thu, 21 Jul 2005 10:13:39 +0000 (UTC) Received: from maverick.trit.org (localhost [127.0.0.1]) by maverick.trit.org (8.13.4/8.13.4) with ESMTP id j6LADWJN001352; Thu, 21 Jul 2005 10:13:32 GMT (envelope-from dd@freebsd.org) Received: (from dima@localhost) by maverick.trit.org (8.13.4/8.13.4/Submit) id j6LADVKU001351; Thu, 21 Jul 2005 10:13:31 GMT (envelope-from dd@freebsd.org) X-Authentication-Warning: maverick.trit.org: dima set sender to dd@freebsd.org using -f Date: Thu, 21 Jul 2005 10:13:31 +0000 From: Dima Dorfman To: Giorgos Keramidas Message-ID: <20050721101331.GB854@trit.org> References: <42DCC503.5000408@ludd.ltu.se> <20050719213356.GA1614@gothmog.gr> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="St7VIuEGZ6dlpu13" Content-Disposition: inline In-Reply-To: <20050719213356.GA1614@gothmog.gr> X-PGP-Key: 69FAE582 (http://www.trit.org/~dima/dima.asc) X-PGP-Fingerprint: B340 8338 7DA3 4D61 7632 098E 0730 055B 69FA E582 User-Agent: Mutt/1.5.9i X-Mailman-Approved-At: Thu, 21 Jul 2005 14:42:31 +0000 Cc: freebsd-security@freebsd.org, Joachim Str?mbergson Subject: Re: Adding OpenBSD sudo to the FreeBSD base system? X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 21 Jul 2005 10:13:54 -0000 --St7VIuEGZ6dlpu13 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Giorgos Keramidas wrote: > On 2005-07-19 11:16, Joachim Str?mbergson wrote: > > My thought was to sync/import the sudo implementation from OpenBSD. Bad > > idea? >=20 > Maybe not so bad if the OpenBSD version of sudo has useful enhancements > of any sort (i.e. has gone through a thorough security audit, or it > includes features that are not available through the Ports version, OpenBSD doesn't have their own version of sudo. The sudo maintainer is = =20 an OpenBSD committer (millert), and if other OpenBSD guys were to make = =20 any enhancements, I expect that the changes would quickly find their = =20 way into the official distribution. = =20 = =20 FWIW, I don't see any reason to include sudo in the base system. It's = =20 something that I install on every computer, but I don't mind building = =20 the port or installing it from a package. Unlike some of the other = =20 things I usually want on every system (e.g., emacs), it's small and = =20 doesn't have any dependencies, so it's not a problem to install it as = =20 soon as the system is online. That said, I wouldn't object to having = =20 it in the base, either. = =20 Dima. --St7VIuEGZ6dlpu13 Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- iD8DBQFC33VLBzAFW2n65YIRAg96AKCKdrpt1axxVMhFO9SSU7tnEHTbigCePxFm BvhoIcgm+X9Zqsr5SXZX/9g= =30/G -----END PGP SIGNATURE----- --St7VIuEGZ6dlpu13--