From owner-freebsd-security@FreeBSD.ORG Mon Aug 11 14:08:28 2003
Return-Path:
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 5F06A37B401
	for ; Mon, 11 Aug 2003 14:08:28 -0700 (PDT)
Received: from fubar.adept.org (fubar.adept.org [63.147.172.249])
	by mx1.FreeBSD.org (Postfix) with ESMTP id F119343FAF
	for ; Mon, 11 Aug 2003 14:08:27 -0700 (PDT)
	(envelope-from mike@adept.org)
Received: by fubar.adept.org (Postfix, from userid 1001)
	id 6978B15256; Mon, 11 Aug 2003 14:08:27 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1])
	by fubar.adept.org (Postfix) with ESMTP id 656E01524D
	for ; Mon, 11 Aug 2003 14:08:27 -0700 (PDT)
Date: Mon, 11 Aug 2003 14:08:27 -0700 (PDT)
From: Mike Hoskins
To: security@freebsd.org
Message-ID: <20030811133749.U27196@fubar.adept.org>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Subject: realpath(3) et al
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Security issues [members-only posting]
X-List-Received-Date: Mon, 11 Aug 2003 21:08:28 -0000

First, I hope that this message is not considered flame bait. As someone who has used FreeBSD for 5+ years now, I have a genuine interest in the integrity of our source code.

Second, I hope that this message is not taken as any form of insult or finger pointing. Software without bugs does not exist, and I think we all know that. Acknowledging that point and working to mitigate the risks associated with it would seem to be our only real option.

That said, every time something like the recent realpath(3) issue comes to light, I find myself asking why I haven't at least tried to do more to review our source code or (more desirable) enable 3rd-party audits. My question is...

If enabling a 3rd-party audit for some target release (5.3+ I'd assume) is desirable, what would be needed money-, time- and other-wise?

I'm willing to invest both time and money to make this happen. I'd expect such an endeavor to be tedious and expensive... and, of course, it would really need to be repeated occasionally to be of real value. (Probably, at least, after major version number changes.) However, perhaps doing an audit of the base system now would help our image in the security community?

All I know is, despite occasional arguments and rants, I like FreeBSD. As long as it exists, I plan to have it installed... So it is in my best interest to help in any way I can. I know projects like secure/trustedBSD exist, but I am really looking for ways to promote the trust of the base system more than specialized projects/branches.

Thoughts?

-mrh

--
From: "Spam Catcher"
To: spam-catcher@adept.org
Do NOT send email to the address listed above or
you will be added to a blacklist!