From owner-freebsd-security@FreeBSD.ORG  Thu Aug 10 19:10:58 2006
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
X-Original-To: freebsd-security@freebsd.org
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 2595116A4DE
	for <freebsd-security@freebsd.org>;
	Thu, 10 Aug 2006 19:10:58 +0000 (UTC)
	(envelope-from bvowk@math.ualberta.ca)
Received: from 3jane.math.ualberta.ca (3jane.math.ualberta.ca [129.128.206.44])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 8FC3243D53
	for <freebsd-security@freebsd.org>;
	Thu, 10 Aug 2006 19:10:57 +0000 (GMT)
	(envelope-from bvowk@math.ualberta.ca)
Received: from 3jane.math.ualberta.ca (localhost.math.ualberta.ca [127.0.0.1])
	by 3jane.math.ualberta.ca (8.13.6/8.13.6) with ESMTP id
	k7AJAhwK094893; Thu, 10 Aug 2006 13:10:43 -0600 (MDT)
	(envelope-from bvowk@math.ualberta.ca)
Received: from localhost (bvowk@localhost)
	by 3jane.math.ualberta.ca (8.13.6/8.13.6/Submit) with ESMTP id
	k7AJAhUH094890; Thu, 10 Aug 2006 13:10:43 -0600 (MDT)
	(envelope-from bvowk@math.ualberta.ca)
X-Authentication-Warning: 3jane.math.ualberta.ca: bvowk owned process doing -bs
Date: Thu, 10 Aug 2006 13:10:43 -0600 (MDT)
From: Barkley Vowk <bvowk@math.ualberta.ca>
To: Poul-Henning Kamp <phk@phk.freebsd.dk>
In-Reply-To: <19127.1155231543@critter.freebsd.dk>
Message-ID: <20060810130331.X94142@3jane.math.ualberta.ca>
References: <19127.1155231543@critter.freebsd.dk>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed
Cc: freebsd-security@freebsd.org,
	=?ISO-8859-1?Q?=22Jos=E9_M=2E_Fandi=F1o=22?= <freebsd4@fadesa.es>
Subject: Re: atheros chips dangerous? 
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "Security issues \[members-only posting\]"
	<freebsd-security.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
	<mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
	<mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 10 Aug 2006 19:10:58 -0000

On Thu, 10 Aug 2006, Poul-Henning Kamp wrote:

> The Atheros driver in FreeBSD is maintained and compiled by Sam Leffler,
> who has been around since BSD 4.2 in the early eighties sometimes.
>
> I trust Sam.

I don't think that quite answers his question however. Its not so much a 
matter of trusting Sam, but a matter of trusting that Sam had enough 
access to the binary objects in question to have eliminated the errors in 
them. While I see that his name is in the copyright notice on the contrib 
code, I don't see anything to indicate that most of the code isn't shared 
between most platforms. So there might be a good chance that whatever bugs 
affect the OsX drivers, also affect the freebsd ones.

That being said, I do trust Sam, and code written by Sam. I don't know 
however if this blob of code I'm loading was actually written by Sam, or 
just wrapped to work on freebsd by Sam.