From owner-freebsd-audit Mon Dec 6 4: 7:15 1999 Delivered-To: freebsd-audit@freebsd.org Received: from tank.skynet.be (tank.skynet.be [195.238.2.35]) by hub.freebsd.org (Postfix) with ESMTP id 7340914FCE; Mon, 6 Dec 1999 04:07:08 -0800 (PST) (envelope-from root@foxbert.skynet.be) Received: from foxbert.skynet.be (foxbert.skynet.be [195.238.1.45]) by tank.skynet.be (8.9.3/odie-relay-v1.0) with ESMTP id NAA24794; Mon, 6 Dec 1999 13:07:01 +0100 (MET) Received: (from root@localhost) by foxbert.skynet.be (8.9.1/jovi-pop-2.1) id NAA23530; Mon, 6 Dec 1999 13:06:58 +0100 (MET) Mime-Version: 1.0 X-Sender: blk@foxbert.skynet.be Message-Id: In-Reply-To: <28146.944480094@axl.noc.iafrica.com> References: <28146.944480094@axl.noc.iafrica.com> Date: Mon, 6 Dec 1999 13:05:24 +0100 To: Sheldon Hearn From: Brad Knowles Subject: Re: cvs commit: src/sys/i386/conf files.i386 src/sys/kern kern_fork.c src/sys/libkern arc4random.c src/sys/sys libkern.h Cc: obrien@FreeBSD.ORG, audit@FreeBSD.ORG Content-Type: text/plain; charset="us-ascii" ; format="flowed" Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG At 1:34 PM +0200 1999/12/6, Sheldon Hearn wrote: > One thing you're missing here is that CURRENT often _becomes_ STABLE > later. :-) Understood. However, so long as it's -CURRENT, we can still make large changes, right? ;-) Speaking of which, if 4.0 is going to hit feature freeze pretty soon, does this mean that -CURRENT will become version 5.0? Will that happen automatically when 4.0 hits feature freeze, or are these two separate events? > However, I think I agree with you. Perhaps a small POLA sacrifice for > the sake of a large security gain is cool. I don't see a massive gain > for day-to-day stuff myself, but folks are talking like it's a large > gain. Some of them are sensible folks. ;-) Well, perhaps this particular thing isn't that big. This is one reason why I was so surprised to see people advocating that we don't change the default. However, if you collect all these "little" changes together, I think you arrive at something that is *huge*. What I'm trying to do is advocate a policy that allows us to more quickly get closer to where we want to be. > PS: Damnit, I didn't realize that the message I replied to originally > was a cross-post. Sorry. Damn. Caught me, too. I've removed the cross-post to -arch on this reply, and will let you have the last word on this subject on that list. ;-) -- These are my opinions -- not to be taken as official Skynet policy ____________________________________________________________________ |o| Brad Knowles, Belgacom Skynet NV/SA |o| |o| Systems Architect, News & FTP Admin Rue Col. Bourg, 124 |o| |o| Phone/Fax: +32-2-706.11.11/12.49 B-1140 Brussels |o| |o| http://www.skynet.be Belgium |o| \/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/ Unix is like a wigwam -- no Gates, no Windows, and an Apache inside. Unix is very user-friendly. It's just picky who its friends are. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message