From owner-freebsd-questions  Mon Sep  6  9:11:32 1999
Delivered-To: freebsd-questions@freebsd.org
Received: from out1.mx.skynet.be (out1.mx.skynet.be [195.238.2.36])
	by hub.freebsd.org (Postfix) with ESMTP
	id A877114E4D; Mon,  6 Sep 1999 09:11:26 -0700 (PDT)
	(envelope-from blk@skynet.be)
Received: from [195.238.1.121] (brad.techos.skynet.be [195.238.1.121])
	by out1.mx.skynet.be (8.9.3/odie-relay-v1.0) with ESMTP id SAA15267;
	Mon, 6 Sep 1999 18:17:46 +0200 (MET DST)
Mime-Version: 1.0
X-Sender: blk@foxbert.skynet.be
Message-Id: <v04205526b3f9964ac159@[195.238.1.121]>
In-Reply-To: 
 <Pine.BSF.4.10.9909061421050.6342-100000@shadowmere.student.utwente.nl>
References: 
 <Pine.BSF.4.10.9909061421050.6342-100000@shadowmere.student.utwente.nl>
Date: Mon, 6 Sep 1999 18:09:11 +0200
To: Pascal Hofstee <daeron@Wit401305.student.utwente.nl>
From: Brad Knowles <blk@skynet.be>
Subject: Re: softupdates in latest build?
Cc: freebsd-questions@freebsd.org, freebsd-stable@freebsd.org
Content-Type: text/plain; charset="us-ascii" ; format="flowed"
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

At 2:22 PM +0200 1999/9/6, Pascal Hofstee wrote:

> As has been stated several times before and can also be read in the
> UPDATING file (at least on 4.0-CURRENT)

	I read the /usr/src/UPDATING file, and noted a number of things 
had changed.  Once I got make world finally done (after about three 
hours), I rebooted and started work on configuring my new kernel.


	I ran into some problems with a number of things that had changed 
in the format of kernel configs, but the biggest thing I've run 
across so far is the fact that Berkeley Packet Filtering (bpf) is now 
enabled by default, as opposed to disabled by default.

	This opens a *huge* security risk for anyone who doesn't 
reconfigure their kernel or doesn't fully comprehend the potential 
danger here.  Are we really sure that the FreeBSD Inc. has 
sufficiently increased it's liability insurance to cover the 
potentially multi-million dollar lawsuits that might result from this 
change?


	Most of the rest of the stuff I think I've managed to figure out 
on my own, and although changes of this scale at this stage somewhat 
concern me, I figure I can work them out.  And this is a particularly 
good machine for that, since it's going to be an internal support 
machine I can play with for a while.

	But this liability issue *really* concerns me.


	Jordan?  David?  Anybody got any semi-official statements on this issue?

-- 
   These are my opinions -- not to be taken as official Skynet policy
  ____________________________________________________________________
|o| Brad Knowles, <blk@skynet.be>            Belgacom Skynet NV/SA |o|
|o| Systems Architect, News & FTP Admin      Rue Col. Bourg, 124   |o|
|o| Phone/Fax: +32-2-706.11.11/12.49         B-1140 Brussels       |o|
|o| http://www.skynet.be                     Belgium               |o|
\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/
  Unix is like a wigwam -- no Gates, no Windows, and an Apache inside.
   Unix is very user-friendly.  It's just picky who its friends are.


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message