Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 10 Dec 2009 09:59:53 -0500
From:      Steve Bertrand <steve@ibctech.ca>
To:        Bill Moran <wmoran@potentialtech.com>
Cc:        freebsd-current@freebsd.org, Anton Shterenlikht <mexas@bristol.ac.uk>, freebsd-questions@freebsd.org
Subject:   Re: Root exploit for FreeBSD
Message-ID:  <4B210CE9.1050709@ibctech.ca>
In-Reply-To: <20091210095122.a164bf95.wmoran@potentialtech.com>
References:  <20091210144141.GB834@mech-cluster241.men.bris.ac.uk> <20091210095122.a164bf95.wmoran@potentialtech.com>

next in thread | previous in thread | raw e-mail | index | archive | help
Bill Moran wrote:
> In response to Anton Shterenlikht <mexas@bristol.ac.uk>:
> 
>> >From my information security manager:
>>
>> 	FreeBSD isn't much used within the University (I understand) and has a
>> 	(comparatively) poor security record. Most recently, for example:
>>
>> 	http://www.h-online.com/security/news/item/Root-exploit-for-FreeBSD-873352.html
> 
> Are you trying to make your infosec guy look like an idiot? 

He doesn't really have to _try_, does he?

I have always thought that an infosec person should *know* what they
have running within their own network, and furthermore, gather his
comparative analysis from somewhere other than the
dept-of-some-guys-blog. Perhaps these are not the job requirements of a
security person.

Steve



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4B210CE9.1050709>