From owner-freebsd-security@FreeBSD.ORG Thu Jul 21 10:20:18 2005 Return-Path: X-Original-To: freebsd-security@freebsd.org Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 1511516A41F; Thu, 21 Jul 2005 10:20:18 +0000 (GMT) (envelope-from keramida@freebsd.org) Received: from rosebud.otenet.gr (rosebud.otenet.gr [195.170.0.94]) by mx1.FreeBSD.org (Postfix) with ESMTP id E259543D8C; Thu, 21 Jul 2005 10:20:14 +0000 (GMT) (envelope-from keramida@freebsd.org) Received: from beatrix.daedalusnetworks.priv (aris.bedc.ondsl.gr [62.103.39.226]) by rosebud.otenet.gr (8.13.4/8.13.4/Debian-1) with SMTP id j6LAKC1M019218; Thu, 21 Jul 2005 13:20:13 +0300 Received: from beatrix.daedalusnetworks.priv (localhost [127.0.0.1]) by beatrix.daedalusnetworks.priv (8.13.3+Sun/8.13.3) with ESMTP id j6LAKC5s016464; Thu, 21 Jul 2005 13:20:12 +0300 (EEST) Received: (from keramida@localhost) by beatrix.daedalusnetworks.priv (8.13.3+Sun/8.13.3/Submit) id j6LAKC7p016463; Thu, 21 Jul 2005 13:20:12 +0300 (EEST) Date: Thu, 21 Jul 2005 13:20:12 +0300 From: Giorgos Keramidas To: Dima Dorfman Message-ID: <20050721102012.GG16179@beatrix.daedalusnetworks.priv> References: <42DCC503.5000408@ludd.ltu.se> <20050719213356.GA1614@gothmog.gr> <20050721101331.GB854@trit.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20050721101331.GB854@trit.org> X-Mailman-Approved-At: Thu, 21 Jul 2005 14:42:31 +0000 Cc: freebsd-security@freebsd.org, Joachim Str?mbergson Subject: Re: Adding OpenBSD sudo to the FreeBSD base system? X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 21 Jul 2005 10:20:18 -0000 On 2005-07-21 10:13, Dima Dorfman wrote: >Giorgos Keramidas wrote: >>On 2005-07-19 11:16, Joachim Str?mbergson wrote: >>> My thought was to sync/import the sudo implementation from >>> OpenBSD. Bad idea? >> >> Maybe not so bad if the OpenBSD version of sudo has useful >> enhancements of any sort (i.e. has gone through a thorough security >> audit, or it includes features that are not available through the >> Ports version, > > OpenBSD doesn't have their own version of sudo. The sudo maintainer is > an OpenBSD committer (millert), and if other OpenBSD guys were to make > any enhancements, I expect that the changes would quickly find their > way into the official distribution. > > FWIW, I don't see any reason to include sudo in the base system. It's > something that I install on every computer, but I don't mind building > the port or installing it from a package. Unlike some of the other > things I usually want on every system (e.g., emacs), it's small and > doesn't have any dependencies, so it's not a problem to install it as > soon as the system is online. That said, I wouldn't object to having > it in the base, either. My thoughts exactly. The only thing I'd like to add is that the port is that importing it to the base system would probably require someone who steps up and offers to maintain it as bugfixes/features are noticed in the upstream source. But, I guess, this is more or less obvious.