From owner-freebsd-security  Wed Mar 10 19:28: 4 1999
Delivered-To: freebsd-security@freebsd.org
Received: from fledge.watson.org (FLEDGE.RES.CMU.EDU [128.2.93.229])
	by hub.freebsd.org (Postfix) with ESMTP id 8A80E151EA
	for <freebsd-security@FreeBSD.ORG>; Wed, 10 Mar 1999 19:28:01 -0800 (PST)
	(envelope-from robert@cyrus.watson.org)
Received: from fledge.watson.org (robert@fledge.pr.watson.org [192.0.2.3])
	by fledge.watson.org (8.8.8/8.8.8) with SMTP id WAA29304;
	Wed, 10 Mar 1999 22:27:34 -0500 (EST)
	(envelope-from robert@cyrus.watson.org)
Date: Wed, 10 Mar 1999 22:27:33 -0500 (EST)
From: Robert Watson <robert@cyrus.watson.org>
X-Sender: robert@fledge.watson.org
Reply-To: Robert Watson <robert+freebsd@cyrus.watson.org>
To: ob1k <ob1k@mindspring.com>
Cc: Marco Molteni <molter@tin.it>, freebsd-security@FreeBSD.ORG
Subject: Re: disapointing security architecture
In-Reply-To: <Pine.BSF.4.05.9903102045370.294-100000@Cupcake.mindspring.com>
Message-ID: <Pine.BSF.3.96.990310221623.27517K-100000@fledge.watson.org>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

On Wed, 10 Mar 1999, ob1k wrote:

> Im sorry, but comments like:
>  3. disappointed about FreeBSD security architecture? Fix it.
> are such a copout and a really lame way of reasoning.

Ah, but recall that in the minds of many free software authors, requests
for features without code are also a copout :-).

This is not to say that I condone a brisk "do it yourself" answer, but it
is presumably important to recognize that all developer hours are donated,
and precious few are available.  Anyone with the insight to provide a
cogent analysis of the shortcomings of the current in-between-state of the
authentication system probably has the insight (although possibly not the
time) to provide at least rudimentary fixes.

I would say that the comment was poorly expressed in that it was less of
an invitation and more of an accusation; I would say that the reasoning
realistic, albeit unfortunately the case.  I do not think it is the case
that the majority of FreeBSD developers want to be unhelpful or fail to
comply with the desire for a better product; it is more that they have a
realistic (and now possibly bitter) familiarity with the lack of available
resources :-).

  Robert N Watson 

robert@fledge.watson.org              http://www.watson.org/~robert/
PGP key fingerprint: 03 01 DD 8E 15 67 48 73  25 6D 10 FC EC 68 C1 1C

Carnegie Mellon University            http://www.cmu.edu/
TIS Labs at Network Associates, Inc.  http://www.tis.com/
Safeport Network Services             http://www.safeport.com/



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message