From owner-freebsd-security@FreeBSD.ORG  Thu Aug 14 11:52:01 2003
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 9902B37B404
	for <security@freebsd.org>; Thu, 14 Aug 2003 11:52:01 -0700 (PDT)
Received: from smtp4.server.rpi.edu (smtp4.server.rpi.edu [128.113.2.4])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 7957143F93
	for <security@freebsd.org>; Thu, 14 Aug 2003 11:52:00 -0700 (PDT)
	(envelope-from drosih@rpi.edu)
Received: from [128.113.24.47] (gilead.netel.rpi.edu [128.113.24.47])
	by smtp4.server.rpi.edu (8.12.9/8.12.9) with ESMTP id h7EIpwgl001268;
	Thu, 14 Aug 2003 14:51:58 -0400
Mime-Version: 1.0
X-Sender: drosih@mail.rpi.edu
Message-Id: <p052106dabb6188e151e1@[128.113.24.47]>
In-Reply-To: <20030814183824.GA29697@nolaf.net>
References: <20030811133749.U27196@fubar.adept.org>
 <20030811232132.GB46629@madman.celabo.org>
 <20030811162602.N72549@fubar.adept.org>
 <20030812085617.GA407@FreeBSD.org> <20030814183824.GA29697@nolaf.net>
Date: Thu, 14 Aug 2003 14:51:57 -0400
To: Michael McDowell <mike@nolaf.net>, security@freebsd.org
From: Garance A Drosihn <drosih@rpi.edu>
Content-Type: text/plain; charset="us-ascii" ; format="flowed"
X-Scanned-By: CanIt (www . canit . ca)
Subject: Re: realpath(3) et al
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Security issues [members-only posting]
	<freebsd-security.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>,
	<mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>,
	<mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 14 Aug 2003 18:52:02 -0000

At 2:38 PM -0400 8/14/03, Michael McDowell wrote:
>
>On Tue, Aug 12, 2003 at 10:56:18AM +0200, Simon L. Nielsen wrote:
>>
>  > BTW, if anybody really wants to start up the audit project
>  > again, I think somebody should take a look at integrating
>  > some of the changes OpenBSD has made.  No reason to spend
>  > time finding the bugs OpenBSD has already fixed.
>
>I agree with the OpenBSD suggestion, it would be a real time
>saver.

Speaking as someone who actually looks at NetBSD and OpenBSD
sources, this is often much easier said than done.  There are
a number of source files which have diverged so much over the
years that it can chew up an awful lot of time to try to
separate the "simple bug fixes" from new features, or various
code-rearrangements.

As I say, I *do* try to do this, so I certainly do think it is
worth doing.  However, it is not necessarily "a real time saver".

-- 
Garance Alistair Drosehn            =   gad@gilead.netel.rpi.edu
Senior Systems Programmer           or  gad@freebsd.org
Rensselaer Polytechnic Institute    or  drosih@rpi.edu