From owner-freebsd-questions  Mon Sep  6 14:32:14 1999
Delivered-To: freebsd-questions@freebsd.org
Received: from zippy.cdrom.com (zippy.cdrom.com [204.216.27.228])
	by hub.freebsd.org (Postfix) with ESMTP
	id 1C9C015773; Mon,  6 Sep 1999 14:32:07 -0700 (PDT)
	(envelope-from jkh@zippy.cdrom.com)
Received: from localhost (jkh@localhost [127.0.0.1])
	by zippy.cdrom.com (8.9.3/8.9.3) with ESMTP id OAA74549;
	Mon, 6 Sep 1999 14:31:51 -0700 (PDT)
	(envelope-from jkh@zippy.cdrom.com)
To: Brad Knowles <blk@skynet.be>
Cc: Pascal Hofstee <daeron@Wit401305.student.utwente.nl>,
	freebsd-questions@FreeBSD.ORG, freebsd-stable@FreeBSD.ORG
Subject: Re: softupdates in latest build? 
In-reply-to: Your message of "Mon, 06 Sep 1999 18:09:11 +0200."
             <v04205526b3f9964ac159@[195.238.1.121]> 
Date: Mon, 06 Sep 1999 14:31:51 -0700
Message-ID: <74545.936653511@localhost>
From: "Jordan K. Hubbard" <jkh@zippy.cdrom.com>
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

> 	I ran into some problems with a number of things that had changed 
> in the format of kernel configs, but the biggest thing I've run 
> across so far is the fact that Berkeley Packet Filtering (bpf) is now 
> enabled by default, as opposed to disabled by default.

This has been discussed positively to death, and in order for DHCP to
work this simply had to happen.  If you want network sniffage
immunity, use a proper switch like the rest of us. :) As it is, any of
one's Windows (or other OS) boxes can be turned into sniffers so
easily that turning off bpf in FreeBSD is good for little more than
a false sense of security.

> 	This opens a *huge* security risk for anyone who doesn't 
> reconfigure their kernel or doesn't fully comprehend the potential 
> danger here.  Are we really sure that the FreeBSD Inc. has 
> sufficiently increased it's liability insurance to cover the 
> potentially multi-million dollar lawsuits that might result from this 
> change?

Paragraph 9 of the license:

THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
SUCH DAMAGE.

In other words, all of FreeBSD is a "use it at your own risk" proposition
and we can add code which specifically targets your family and pets
for extermination (e.g. we can build the terminator and let it loose
on you) and it's still all your fault for allowing us to do that. :-)

- Jordan


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message