From owner-freebsd-security@FreeBSD.ORG  Sat Feb 18 00:51:43 2012
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 536DA1065672
	for <freebsd-security@freebsd.org>;
	Sat, 18 Feb 2012 00:51:43 +0000 (UTC)
	(envelope-from marquis@roble.com)
Received: from mx5.roble.com (mx5.roble.com [206.40.34.5])
	by mx1.freebsd.org (Postfix) with ESMTP id 4008B8FC14
	for <freebsd-security@freebsd.org>;
	Sat, 18 Feb 2012 00:51:42 +0000 (UTC)
Received: from mx5.roble.com (mx5.roble.com [206.40.34.5])
	by mx5.roble.com (Postfix) with ESMTP id C2BD067CDC;
	Fri, 17 Feb 2012 16:51:42 -0800 (PST)
Date: Fri, 17 Feb 2012 16:51:42 -0800 (PST)
From: Roger Marquis <marquis@roble.com>
To: Mike Kelly <pioto@pioto.org>
In-Reply-To: <CAFb0NsJT47qVZHOGJN8WfdLHk3NdNEyz4_wDrrkAY10ECU16mA@mail.gmail.com>
References: <20120217120034.201EB106574C@hub.freebsd.org>
	<20120217152400.261AC106564A@hub.freebsd.org>
	<CAE-mSO+sa2Cu0aQksEXGyMnyns3=aAL8odmzQNMEJ77dpUAgmw@mail.gmail.com>
	<20120217194851.D76DE1065670@hub.freebsd.org>
	<CAFb0NsJT47qVZHOGJN8WfdLHk3NdNEyz4_wDrrkAY10ECU16mA@mail.gmail.com>
User-Agent: Alpine 2.00 (BSF 1167 2008-08-23)
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed
Message-Id: <20120218005143.536DA1065672@hub.freebsd.org>
Cc: freebsd-security@freebsd.org, Sergey Kandaurov <pluknet@gmail.com>
Subject: Re: periodic security run output gives false positives after 1 year
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "Security issues \[members-only posting\]"
	<freebsd-security.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
	<mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
	<mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 18 Feb 2012 00:51:43 -0000

> 1) Make it an option.
> 2) If it isn't set, keep the output like it is now.
> 3) Set it by default in new installs, with a comment above it that it
> might break things. That way people upgrading get a warning, too, and
> can keep it the way it has been if they'd like.

You can, but it'd be like sendmail logging which has no fixed format and
correspondingly few log report programs.  OTOH Postfix learned from that
and made its log format immutable.  As a result there are some nice
syslog-reading report utilities for postfix.

POSIX' Austin group tried to do something similar by proposing a
LOCALE-dependent month field of variable length instead of 3 char English
month names.  Not aware of anyone who used that.  It was never a good
idea but the Austin group is small, has alarmingly little concern for
backwards compatibility, and does not solicit end-user input.  FreeBSD is
still my favorite OS in large part because it is not like POSIX' Austin
group in those respects.

Roger Marquis