Date: Fri, 17 May 1996 16:51:27 -0500 (CDT) From: Jeff Hupp <jhupp@black.gensys.com> To: freebsd-security@FreeBSD.org Subject: Re: very bad Message-ID: <199605172151.QAA11714@black.gensys.com> In-Reply-To: <Pine.BSF.3.91.960517144047.17748A-100000@orion.webspan.net> from "Scanner SOD" at May 17, 96 02:46:28 pm
next in thread | previous in thread | raw e-mail | index | archive | help
Scanner SOD shaped the electrons to the following form: : On Fri, 17 May 1996, Vladimir Jojic wrote: : : > : > Hi, : > : > What IS very bad about this whole thing, isn't existance of this bug, : > as much as how easliy information about it can be obtained. Even if : > you do send patch along with info, there is still danger that someone, : > gets up earlier than root, and then ... (sweat dreams, root!) : > : > I am not very familiar with mailing list programs, but there is posible : > improvment (if it isn't yet done): : > [Suggestions deleted] : I have to agree. Myself and others on the FreeBSD Net. : (http://www.bsdnet.org) Have recently become very concerned about the : policies of the propogation and lack thereof, of security information on : FreeBSD. Im not blaming anyone I acknowledge just how many hours there : are in a day for the everyone. But we fear that as FreeBSD becomes a more : appealing route to take for a lot of ISP's, companies, etc.. That we are : going to wind up taking the same policies. See no evil hear no evil. : : I have complete faith that BSD is one of the most secure unicies out there, : But when a "feature" :) like the mount_union pops up it makes one wonder : what is wrong with that picture. I would like to volunteer to help out in : any way to see that something along the lines of vladimir's suggestions : are carried out. I think we need a fast, safe way to bring admins the : information that is critical. : Security through obscurity does not work. Spreading the word far and wide is the only hope of getting the word in all the right hands. If it gets out at all it will end up in the wrong hand. I was very happy to see this come across my desk as it allowed me to fix the problem as soon as word was out. -- Windows '95 ~ Never has so much done so little for so many. Jeff Hupp <Jhupp@gensys.com> <http://gensys.com>; PGP Public Key available at http://gensys.com or on the key servers
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199605172151.QAA11714>