From owner-freebsd-stable@FreeBSD.ORG  Tue Nov 18 05:34:07 2003
Return-Path: <owner-freebsd-stable@FreeBSD.ORG>
Delivered-To: freebsd-stable@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id CDBE316A4CE
	for <freebsd-stable@freebsd.org>;
	Tue, 18 Nov 2003 05:34:07 -0800 (PST)
Received: from tx3.oucs.ox.ac.uk (tx3.oucs.ox.ac.uk [163.1.2.167])
	by mx1.FreeBSD.org (Postfix) with ESMTP id D5CAE43F93
	for <freebsd-stable@freebsd.org>;
	Tue, 18 Nov 2003 05:33:56 -0800 (PST)
	(envelope-from colin.percival@wadham.ox.ac.uk)
Received: from scan3.oucs.ox.ac.uk ([163.1.2.166] helo=localhost)
	by tx3.oucs.ox.ac.uk with esmtp (Exim 4.20)
	id 1AM5zP-0007W0-PC
	for freebsd-stable@freebsd.org; Tue, 18 Nov 2003 13:33:55 +0000
Received: from rx3.oucs.ox.ac.uk ([163.1.2.165])
 by localhost (scan3.oucs.ox.ac.uk [163.1.2.166]) (amavisd-new, port 25)
 with ESMTP id 28657-08 for <freebsd-stable@freebsd.org>;
 Tue, 18 Nov 2003 13:33:55 +0000 (GMT)
Received: from gateway.wadham.ox.ac.uk ([163.1.161.253])
	by rx3.oucs.ox.ac.uk with smtp (Exim 4.20)
	id 1AM5zP-0007Vo-Bn
	for freebsd-stable@freebsd.org; Tue, 18 Nov 2003 13:33:55 +0000
Received: (qmail 27033 invoked by uid 0); 18 Nov 2003 13:33:55 -0000
Received: from colin.percival@wadham.ox.ac.uk by gateway by uid 71 with
	qmail-scanner-1.16  (sweep: 2.14/3.71. spamassassin: 2.53.  Clear:. 
	Processed in 1.28122 secs); 18 Nov 2003 13:33:55 -0000
X-Qmail-Scanner-Mail-From: colin.percival@wadham.ox.ac.uk via gateway
X-Qmail-Scanner: 1.16 (Clear:. Processed in 1.28122 secs)
Received: from dhcp1131.wadham.ox.ac.uk (HELO piii600.wadham.ox.ac.uk)
	(163.1.161.131)
	by gateway.wadham.ox.ac.uk with SMTP; 18 Nov 2003 13:33:54 -0000
Message-Id: <5.0.2.1.1.20031118133154.0318b7c8@popserver.sfu.ca>
X-Sender: cperciva@popserver.sfu.ca
X-Mailer: QUALCOMM Windows Eudora Version 5.0.2
Date: Tue, 18 Nov 2003 13:33:44 +0000
To: des@des.no (Dag-Erling =?iso-8859-1?Q?Sm=F8rgrav?= ),
	freebsd-stable@freebsd.org
From: Colin Percival <colin.percival@wadham.ox.ac.uk>
In-Reply-To: <xzp7k1yxdev.fsf@dwp.des.no>
References: <5.0.2.1.1.20031117165641.03101720@popserver.sfu.ca>
 <5.0.2.1.1.20031117165641.03101720@popserver.sfu.ca>
Mime-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"; format=flowed
Content-Transfer-Encoding: quoted-printable
cc: Carol Overes <caroloveres@yahoo.com>
Subject: Re: Secure updating of OS and ports
X-BeenThere: freebsd-stable@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Production branch of FreeBSD source code
	<freebsd-stable.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-stable>,
	<mailto:freebsd-stable-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-stable>
List-Post: <mailto:freebsd-stable@freebsd.org>
List-Help: <mailto:freebsd-stable-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-stable>,
	<mailto:freebsd-stable-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 18 Nov 2003 13:34:07 -0000

At 09:56 18/11/2003 +0100, Dag-Erling Sm=F8rgrav wrote:
>Colin Percival <colin.percival@wadham.ox.ac.uk> writes:
> >    CVSup is insecure.  FreeBSD Update might do what you want, but
> > you'd have to trust me. :)
>
>...and three-hundred-odd FreeBSD developers.

   True, but there's a slight difference there -- people can look at the=20
FreeBSD source code, but it's rather difficult to audit the binary updates=
=20
I publish.

Colin Percival