From owner-freebsd-security  Tue Jul 21 22:13:52 1998
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id WAA05950
          for freebsd-security-outgoing; Tue, 21 Jul 1998 22:13:52 -0700 (PDT)
          (envelope-from owner-freebsd-security@FreeBSD.ORG)
Received: from fallout.campusview.indiana.edu (fallout.campusview.indiana.edu [149.159.1.1])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id WAA05932
          for <security@FreeBSD.ORG>; Tue, 21 Jul 1998 22:13:47 -0700 (PDT)
          (envelope-from jfieber@indiana.edu)
Received: from localhost (jfieber@localhost)
	by fallout.campusview.indiana.edu (8.8.8/8.8.7) with SMTP id AAA11396;
	Wed, 22 Jul 1998 00:13:21 -0500 (EST)
Date: Wed, 22 Jul 1998 00:13:21 -0500 (EST)
From: John Fieber <jfieber@indiana.edu>
To: Brett Glass <brett@lariat.org>
cc: security@FreeBSD.ORG
Subject: Re: Projects to improve security (related to C) 
In-Reply-To: <199807220117.TAA21819@lariat.lariat.org>
Message-ID: <Pine.BSF.3.96.980721235902.25546M-100000@fallout.campusview.indiana.edu>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

On Tue, 21 Jul 1998, Brett Glass wrote:

> be some positive decisions made and action taken. Clearly, we've
> seen some problems that need fixing; the worst thing that can happen
> is that people will do nothing. Constructive suggestions?

If you want an automagic patching system and you think it will
be a "marketable" product, the standard next step is to build a
proof-of-concept prototype for some marketing tests.

It seems such a system would need three componets.

  * A mechanism for manufacturing and packaging and labeling band-aids[1]
  * A band-aid delivery service
  * A mechanism for safely applying the band-aids

I personally think the scheme would be most marketable if the
last stage had a "let me look at it first" mode in addition to an
automagic mode.

So, go at it!   :)

                           Remember, FreeBSD is volunteer powered.

-john

[1] Since some in this lively exchange propose that the whole C
based universe is fundamentally broken, band-aids may be the best
we can do.


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe security" in the body of the message