From owner-cvs-all  Wed Jul 26 10:17:38 2000
Delivered-To: cvs-all@freebsd.org
Received: from nagual.pp.ru (pobrecita.freebsd.ru [194.87.13.42])
	by hub.freebsd.org (Postfix) with ESMTP
	id B813437BB5E; Wed, 26 Jul 2000 10:17:26 -0700 (PDT)
	(envelope-from ache@nagual.pp.ru)
Received: (from ache@localhost)
	by nagual.pp.ru (8.9.3/8.9.3) id VAA50360;
	Wed, 26 Jul 2000 21:12:47 +0400 (MSD)
	(envelope-from ache)
Date: Wed, 26 Jul 2000 21:12:47 +0400
From: "Andrey A. Chernov" <ache@nagual.pp.ru>
To: Nate Williams <nate@yogotech.com>
Cc: Bill Fumerola <billf@chimesnet.com>,
	"Jordan K. Hubbard" <jkh@zippy.osd.bsdi.com>,
	Peter Wemm <peter@netplex.com.au>, Warner Losh <imp@village.org>,
	Marcel Moolenaar <marcel@cup.hp.com>,
	Will Andrews <andrews@technologist.com>,
	Marcel Moolenaar <marcel@FreeBSD.org>, cvs-committers@FreeBSD.org,
	cvs-all@FreeBSD.org
Subject: Re: cvs commit: src/etc Makefile src/include Makefile src/release Makefile src/release/picobsd/build Makefile.mfs src/release/picobsd/custom Makefile.mfs src/release/picobsd/dial Makefile.mfs src/release/picobsd/install Makefile.mfs
Message-ID: <20000726211246.A50294@nagual.pp.ru>
References: <200007252213.PAA34677@netplex.com.au> <10733.964597601@localhost> <200007261456.IAA11238@nomad.yogotech.com> <20000726125721.Z51462@jade.chc-chimes.com> <200007261659.KAA11807@nomad.yogotech.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.4i
In-Reply-To: <200007261659.KAA11807@nomad.yogotech.com>; from nate@yogotech.com on Wed, Jul 26, 2000 at 10:59:48AM -0600
Organization: Biomechanoid
Sender: owner-cvs-all@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

On Wed, Jul 26, 2000 at 10:59:48AM -0600, Nate Williams wrote:
> Gimme a break Bill.  Andrey and Warner (as security officer) has already
> explained why we're doing things differently.
> 
> If the other OS's choose to be insecure, then let them.  We don't always
> have to respond to security issues *after* every one else fixes them.

To be more concrete, with my -L changes:

1) We keep mtree (as application) the same as in other *BSD camps by
default. Mtree as userland application have nothing common with system
security issues.

2) With adding -L to building process we handle security problems with
directories permissions. I don't know how other *BSD camps handle this.
Either they not handle (since they not have -L addition in mtree) or in
some different ways. Jordan says that symlinked admins must know what they
do, but will be even better to handle it automatically for them since
people make mistakes sometimes and security area not the place for
experiments.

3) In some cases (as Peter describe) -L not needed for some parts of
building process. Ok, just don't use it there.

-- 
Andrey A. Chernov
<ache@nagual.pp.ru>
http://ache.pp.ru/


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message