From owner-freebsd-security  Mon Jan 22 11:26:10 1996
Return-Path: owner-security
Received: (from root@localhost)
          by freefall.freebsd.org (8.7.3/8.7.3) id LAA07643
          for security-outgoing; Mon, 22 Jan 1996 11:26:10 -0800 (PST)
Received: from rocky.sri.MT.net (rocky.sri.MT.net [204.182.243.10])
          by freefall.freebsd.org (8.7.3/8.7.3) with SMTP id LAA07635
          for <security@FreeBSD.org>; Mon, 22 Jan 1996 11:26:05 -0800 (PST)
Received: (from nate@localhost) by rocky.sri.MT.net (8.6.12/8.6.12) id MAA22649; Mon, 22 Jan 1996 12:27:22 -0700
Date: Mon, 22 Jan 1996 12:27:22 -0700
From: Nate Williams <nate@sri.MT.net>
Message-Id: <199601221927.MAA22649@rocky.sri.MT.net>
To: Paul Richards <p.richards@elsevier.co.uk>
Cc: nate@sri.MT.net (Nate Williams), security@FreeBSD.org
Subject: Re: ssh /etc config files location..
In-Reply-To: <199601221906.TAA09960@cadair.elsevier.co.uk>
References: <199601221750.KAA22368@rocky.sri.MT.net>
	<199601221906.TAA09960@cadair.elsevier.co.uk>
Sender: owner-security@FreeBSD.org
Precedence: bulk

> I
> still don't like things touching /etc though.  I don't see why we
> should make exceptions for ports that install into /usr/local if they
> happen to have host specific configurations, that's something that the
> local NFS admin should sort out. You'll have exactly the same problem
> if you administer diskless machines.

Agreed.  I don't see an easy answer to this, but the current system is
unacceptable for hosts that share /usr/local.

> Now, on a related note, how about replacing rsh with ssh in our main tree.
> It's backwards compatible and rsh needs to die anyway for all the same
> reasons that ssh exists in the first place.

I'm not sure that bringing in another non-exportable piece of software
is a good thing, even for all the benefits it brings.


Nate