From owner-freebsd-security Mon Jul 1 17:54:45 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id B175937B400 for ; Mon, 1 Jul 2002 17:54:42 -0700 (PDT) Received: from bran.mc.mpls.visi.com (bran.mc.mpls.visi.com [208.42.156.103]) by mx1.FreeBSD.org (Postfix) with ESMTP id 39E9643E3B for ; Mon, 1 Jul 2002 17:54:42 -0700 (PDT) (envelope-from hawkeyd@visi.com) Received: from sheol.localdomain (hawkeyd-fw.dsl.visi.com [208.42.101.193]) by bran.mc.mpls.visi.com (Postfix) with ESMTP id 23A354A9C; Mon, 1 Jul 2002 19:54:41 -0500 (CDT) Received: (from hawkeyd@localhost) by sheol.localdomain (8.11.6/8.11.6) id g620sZ111570; Mon, 1 Jul 2002 19:54:35 -0500 (CDT) (envelope-from hawkeyd) Date: Mon, 1 Jul 2002 19:54:35 -0500 (CDT) Message-Id: <200207020054.g620sZ111570@sheol.localdomain> Mime-Version: 1.0 X-Newsreader: knews 1.0b.1 Reply-To: hawkeyd@visi.com Organization: if (!FIFO) if (!LIFO) break; References: <4.3.2.7.2.20020701102105.022a44f0_localhost@ns.sol.net> In-Reply-To: <4.3.2.7.2.20020701102105.022a44f0_localhost@ns.sol.net> From: hawkeyd@visi.com (D J Hawkey Jr) Subject: Re: security risk: ktrace(2) in FreeBSD prior to -current. X-Original-Newsgroups: sol.lists.freebsd.security To: brett@lariat.org, freebsd-security@freebsd.org Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org In article <4.3.2.7.2.20020701102105.022a44f0_localhost@ns.sol.net>, brett@lariat.org writes: > >>Please note that I have *not* asked for a binary update. >>I don't want to get flamed the way Brett does... > > ...for asking something reasonable? ;-) > > Seriously: Please do ask. If we do not have up-to-date binary > packages, a large percentage of the new installs of FreeBSD > (both network installs and those from CD-ROM) will be vulnerable > from the start, even though the holes have long been identified. > This is not only unethical but also terrible for FreeBSD's > reputation. Again with the "I need this from y'all 'cuz I'm too lame or lazy to do it myself, and I'm committed to countless customers with a solution of my own making that I can't support.". And now you're going so far as to call The Project "unethical". I gotta wonder if those same customers aren't going to refer to you with the same word pretty soon. You got 'em into this jam; you get 'em out. > Already, the Apache/FreeBSD worm is making the rounds. Why > allow new installs to be vulnerable? Jiminy Crickets, man! Get off you pedestal, roll up your sleeves, and get on with it. You MUST have a lot of work to do, what with spending all this time pissing and moaning about how others won't do it for you. > --Brett Ya know, Brett, in the time it takes for you to let one thread of yours die, I can update two disparate networks with two patches. And I have nowhere's near the expertise you so obviously must have. I won't be re-visiting this thread. Dave -- Windows: "Where do you want to go today?" Linux: "Where do you want to go tomorrow?" FreeBSD: "Are you guys coming, or what?" To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message