Date: Fri, 9 Jun 2000 12:56:03 -0400 (EDT) From: mi@privatelabs.com To: Maxim Sobolev <sobomax@FreeBSD.org> Cc: freebsd-ports@FreeBSD.org Subject: Re: ports/19047: net/arpwatch patched to use tmpfile() instead of mktemp() Message-ID: <200006091656.MAA14702@misha.privatelabs.com> In-Reply-To: <3941100C.D85F0FCF@FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On 9 Jun, Maxim Sobolev wrote: = mi@privatelabs.com wrote: = = > On 9 Jun, sobomax@FreeBSD.org wrote: = > = Synopsis: net/arpwatch patched to use tmpfile() instead of mktemp() = > = = > = State-Changed-From-To: open->closed = > = State-Changed-By: sobomax = > = State-Changed-When: Fri Jun 9 00:24:07 PDT 2000 = > = State-Changed-Why: = > = Another patch committed. Anyway thanks for reporting and please in = > = the future try to be more cooperative and keep your ego under = > = control. = > = = > = http://www.freebsd.org/cgi/query-pr.cgi?pr=19047 = > = > I maintain, there was nothing wrong with my patch on any of the = > Operating Systems in scope. = = Are you a new FreeBSD Security Officer? Sorry, but I do not remember = anything relevant committed into CVSROOT/access.... Please spare the poor taste pseudo-sarcasm. I agree that there might, in fact, be operating systems out there on which tmpfile is dangerous. It is however not dangerous on the three operating systems that use the ports (Open, Net, and FreeBSD) -- and Kris seems to agree with that. And the tmpfile's man page says just that. And both, you and Ade don't seem to disagree. This is NOT a security issue. It is the ports issue. If it is the FreeBSD's ports system's ambition to provide patches, which will (safely) work on all/most other systems, then a lot of other patches have to be reviewed. I was not, however, aware that following such an ambition is a _requirement_ for the patches and in this particular case I believe it results in duplicating code. The tone used by Ade to persuade me added a non-technical reason to the purely technical reasons I put into my first response to you. = > My earlier reference to my ego was to explain my reluctance to = > compromise in that particular case, not to admit a flaw in the = > patch. = = Do you know the following old Russian saying: "If several people told = you that you are drunk then it is better to go sleep, even if you = absolutely sure that you are not" (translation may not be ideal, but = you should get my point). The use of sayings is alway fun and amusing. For example, how about: Whenever you find that you are on the side of the majority, it is time to reform. by Mark Twain? -mi To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ports" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200006091656.MAA14702>