From owner-freebsd-current@FreeBSD.ORG Thu Dec 10 14:51:24 2009 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 20DFC1065692; Thu, 10 Dec 2009 14:51:24 +0000 (UTC) (envelope-from wmoran@potentialtech.com) Received: from mail.potentialtech.com (internet.potentialtech.com [66.167.251.6]) by mx1.freebsd.org (Postfix) with ESMTP id E6CDA8FC1A; Thu, 10 Dec 2009 14:51:23 +0000 (UTC) Received: from localhost (pr40.pitbpa0.pub.collaborativefusion.com [206.210.89.202]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.potentialtech.com (Postfix) with ESMTPSA id 0500DF741F; Thu, 10 Dec 2009 09:51:22 -0500 (EST) Date: Thu, 10 Dec 2009 09:51:22 -0500 From: Bill Moran To: Anton Shterenlikht Message-Id: <20091210095122.a164bf95.wmoran@potentialtech.com> In-Reply-To: <20091210144141.GB834@mech-cluster241.men.bris.ac.uk> References: <20091210144141.GB834@mech-cluster241.men.bris.ac.uk> Organization: Bill Moran X-Mailer: Sylpheed 2.7.1 (GTK+ 2.16.6; i386-portbld-freebsd7.2) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Cc: freebsd-current@freebsd.org, freebsd-questions@freebsd.org Subject: Re: Root exploit for FreeBSD X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 10 Dec 2009 14:51:24 -0000 In response to Anton Shterenlikht : > >From my information security manager: > > FreeBSD isn't much used within the University (I understand) and has a > (comparatively) poor security record. Most recently, for example: > > http://www.h-online.com/security/news/item/Root-exploit-for-FreeBSD-873352.html Are you trying to make your infosec guy look like an idiot? Does he realize that FreeBSD has a grand total of 16 security problems for all of 2009? Hell, Microsoft has that many in an average month. If he can find something (other than OpenBSD) with a better record than that, I'd love to hear about it. -- Bill Moran http://www.potentialtech.com http://people.collaborativefusion.com/~wmoran/