Date: Thu, 16 Jan 2003 10:51:15 -0800 From: Alfred Perlstein <bright@mu.org> To: Nate Lawson <nate@root.org> Cc: Martin Blapp <mb@imp.ch>, cvs-all@FreeBSD.org, cvs-committers@FreeBSD.org Subject: Re: cvs commit: src/usr.sbin/mountd mountd.c src/usr.sbin/rpc.lockd lockd.c src/usr.sbin/rpc.statd statd.c src/usr.sbin/rpc.yppasswdd yppasswdd_main.c src/usr.sbin/rpcbind rpcb_svc_com Message-ID: <20030116185115.GQ33821@elvis.mu.org> In-Reply-To: <Pine.BSF.4.21.0301161015050.46845-100000@root.org> References: <20030116185752.L98919@levais.imp.ch> <Pine.BSF.4.21.0301161015050.46845-100000@root.org>
next in thread | previous in thread | raw e-mail | index | archive | help
In the light of the security issues here and request for silence about the issue, perhaps we can post a followup to -developers after such a commit and at a later date follow up with a forced commit when things are "safe" to completely explain the issue. -Alfred * Nate Lawson <nate@root.org> [030116 10:23] wrote: > On Thu, 16 Jan 2003, Martin Blapp wrote: > > Nate Lawson wrote: > > > Please use a longer MFC period than 1 day for something which touches > > > a major library component and many user programs. In particular, changes > > > like this could use testing: > > > > Of course you are right and it would be better to have this in the tree for > > 2-3 weeks before MCF. > > > > This is a security fix, and has been in question since two weeks. I'm mailed re > > about it and unfortunatly it took so long. We (Re and I) did extensivly > > test this change. > > I don't think I understand. Please give more information on the > commits: > > * "Implement non-blocking tcp-connections. MFC: 1 day" > * MFC of the above, 2 hours later > * "Fix memleak. MFC: 2 weeks" > * MFC of the above, 13 minutes later > > I have a hard time believing that adding non-blocking tcp connections is a > security fix. At the very least, you should use a much more verbose > commit message for such a large change. > > -Nate -- -Alfred Perlstein [alfred@freebsd.org] 'Instead of asking why a piece of software is using "1970s technology," start asking why software is ignoring 30 years of accumulated wisdom.' To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030116185115.GQ33821>