Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 5 Oct 2000 00:00:44 -0700
From:      "David O'Brien" <obrien@FreeBSD.ORG>
To:        Alfred Perlstein <bright@wintelcom.net>
Cc:        cvs-committers@FreeBSD.ORG, cvs-all@FreeBSD.ORG, freebsd-security@FreeBSD.ORG
Subject:   Re: cvs commit: src/usr.bin/finger finger.c
Message-ID:  <20001005000044.C56495@dragon.nuxi.com>
In-Reply-To: <20001004231126.T27736@fw.wintelcom.net>; from bright@wintelcom.net on Wed, Oct 04, 2000 at 11:11:26PM -0700
References:  <20001003155638.B73409@hub.freebsd.org> <200010032326.e93NQ7H17213@netplex.com.au> <20001003164236.Q27736@fw.wintelcom.net> <20001004221921.F50210@dragon.nuxi.com> <20001004231126.T27736@fw.wintelcom.net>

next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, Oct 04, 2000 at 11:11:26PM -0700, Alfred Perlstein wrote:
> The kernel is one giant program and keeping it in relative sync is
> hard. (let's avoid the problems we had with 3.x)
>
> The kernel is more complex than userland, but since it's mostly

Yes, and since it is hard, it should not be rushed.  (Not that we've done
a very good job of MFC'ing into RELENG_4).  This thread has the common
theme of being cautious.
 
> self contained and doesn't do a lot of string parsing (which is
> where the majority of these vulnerabilities occur) it is actually
> easier to see what's going on, at least for me.

ONLY for one class of vulnerabilities -- buffer overflows.  What about
the easy to guess sequence numbers?  Or the whole class of denial of
service.  There are more vulnerabilities in the world than just buffer
overflows.

> The complexity of the kernel forces you to understand a great deal
> more about the internal interactions of various subsystems.

And I can point to a few MFC that happened too fast in kernel code that
caused real problems -- even in RELENG_4.
 
> We _can_ back things out and we do have a good track record of
> restabilizing once a problem is found.

IMHO, nothing MFC'ed into -stable should ever need to be backed out.  IF
the need arises that means we did a very poor job of MFC'ing.
 
-- 
-- David  (obrien@FreeBSD.org)


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20001005000044.C56495>