Date:      Thu, 14 Sep 2000 19:13:30 -0500
From:      "Jacques A. Vidrine" <n@nectar.com>
To:        Ade Lovett <ade@FreeBSD.org>
Cc:        security@freebsd.org
Subject:   Re: potential security exposure in GNOME/ORBit?
Message-ID:  <20000914191330.A817@spawn.nectar.com>
In-Reply-To: <20000914165613.J74753@lovett.com>; from ade@FreeBSD.org on Thu, Sep 14, 2000 at 04:56:13PM -0500
References:  <20000914120949.E73990@FreeBSD.org> <Pine.BSF.4.21.0009141013300.64302-100000@freefall.freebsd.org> <20000914122320.G73990@FreeBSD.org> <20000914165613.J74753@lovett.com>

On Thu, Sep 14, 2000 at 04:56:13PM -0500, Ade Lovett wrote:
> Unless I hear to the contrary (ie: someone comes up with a better
> solution + patches) by 0900 CDT tomorrow 9/15, I'm going to commit my
> original patch, modulo that it will install etc/orbitrc.sample and
> use a pkg/MESSAGE suggesting that they move it in place for security
> reasons.

In that case, why bother with an etc/orbitrc.sample?  Just have the
appropriate message in pkg/MESSAGE.

However, I think that is mostly useless.  I'd rather see this:

    # Only write a default orbitrc if none exists
    if [ ! -f "${PREFIX}/etc/orbitrc" ]; then
        echo "ORBIIOPIPv4=0" > "${PREFIX}/etc/orbitrc"
        echo "ORBIIOPIPv6=0" >> "${PREFIX}/etc/orbitrc"
    fi

I want it secured by default.  As you say, if a better solution shows up
later, so be it.   I doubt anyone outside of the GNOME or ORBit
development communities has an orbitrc anyway.

-- 
Jacques Vidrine / n@nectar.com / jvidrine@verio.net / nectar@FreeBSD.org
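
Added example, not part of the original message or of the port: the snippet above writes the two settings only when no orbitrc exists, so a pre-existing file is left untouched and may lack them. The sketch below pairs that install step with an audit of an existing file; the function names, the one `KEY=VALUE` per line format and the sample files are assumptions made for illustration.

```shell
#!/bin/sh
# Added example. ensure_orbitrc/audit_orbitrc are hypothetical helper names;
# the orbitrc format is assumed to be one KEY=VALUE per line, as in the message.

# Install step: create the default file only if none exists, never overwrite.
ensure_orbitrc() {
    rc="$1/etc/orbitrc"
    if [ -f "$rc" ]; then return 0; fi
    mkdir -p "$1/etc" || return 1
    tmp="$rc.$$"
    # Write to a temporary name, then rename, so no partial file is left behind.
    ( umask 022
      printf '%s\n' 'ORBIIOPIPv4=0' 'ORBIIOPIPv6=0' > "$tmp" ) || return 1
    mv "$tmp" "$rc"
}

# Audit step: print one finding per key that is absent, not 0, or assigned
# more than one value. Returns 0 only when both keys are unambiguously 0.
audit_orbitrc() {
    rc="$1/etc/orbitrc"
    status=0
    if [ ! -f "$rc" ]; then
        echo "missing file: $rc"
        return 2
    fi
    for key in ORBIIOPIPv4 ORBIIOPIPv6; do
        if ! grep -q "^$key=0[[:space:]]*\$" "$rc"; then
            echo "$key: missing or not set to 0"
            status=1
        elif grep "^$key=" "$rc" | grep -qv "^$key=0[[:space:]]*\$"; then
            echo "$key: conflicting assignments"
            status=1
        fi
    done
    return $status
}

# Demo on constructed input: a fresh prefix and one with a pre-existing file.
demo=$(mktemp -d)
mkdir -p "$demo/old/etc" && echo 'ORBIIOPIPv4=1' > "$demo/old/etc/orbitrc"
for p in "$demo/fresh" "$demo/old"; do
    ensure_orbitrc "$p" && audit_orbitrc "$p" && echo "ok: $p"
done
rm -rf "$demo"
```

The pre-existing file in the demo is not modified by the install step and is flagged by the audit, which is the case a package message would have to cover.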

