From owner-freebsd-security Tue Oct 3 22: 8:41 2000 Delivered-To: freebsd-security@freebsd.org Received: from rover.village.org (rover.village.org [204.144.255.49]) by hub.freebsd.org (Postfix) with ESMTP id 7446A37B502 for ; Tue, 3 Oct 2000 22:08:39 -0700 (PDT) Received: from harmony.village.org (harmony.village.org [10.0.0.6]) by rover.village.org (8.11.0/8.11.0) with ESMTP id e9458bM13585; Tue, 3 Oct 2000 23:08:38 -0600 (MDT) (envelope-from imp@harmony.village.org) Received: from harmony.village.org (localhost.village.org [127.0.0.1]) by harmony.village.org (8.9.3/8.8.3) with ESMTP id XAA33386; Tue, 3 Oct 2000 23:08:37 -0600 (MDT) Message-Id: <200010040508.XAA33386@harmony.village.org> To: Brett Glass Subject: Re: cvs commit: src/usr.bin/finger finger.c Cc: freebsd-security@FreeBSD.ORG In-reply-to: Your message of "Tue, 03 Oct 2000 17:55:55 MDT." <4.3.2.7.2.20001003175130.043dc4c0@localhost> References: <4.3.2.7.2.20001003175130.043dc4c0@localhost> <200010032326.e93NQ7H17213@netplex.com.au> <20001003155638.B73409@hub.freebsd.org> <200010032326.e93NQ7H17213@netplex.com.au> Date: Tue, 03 Oct 2000 23:08:37 -0600 From: Warner Losh Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org In message <4.3.2.7.2.20001003175130.043dc4c0@localhost> Brett Glass writes: : At 05:42 PM 10/3/2000, Alfred Perlstein wrote: : : >There's a large difference between kernel and userland here, kernel : >changes need to be backported relatively quickly while userland : >can allow for a longer test period. Seperate policies may serve : >us better than one that covers the entire tree. : : What about root compromises in userland -- e.g. in setuid apps, daemons : that run (or at least start) as root, etc.? Root compromises invoke the compelling reason clause, as do most security fixes. Warner To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message