Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 5 Feb 1997 18:27:01 -0500 (EST)
From:      spork <spork@super-g.com>
To:        David Greenman <dg@root.com>
Cc:        tqbf@enteract.com, karl@mcs.net, freebsd-chat@FreeBSD.ORG
Subject:   Re: 2.1.6+++: crt0.c CRITICAL CHANGE 
Message-ID:  <Pine.BSF.3.95.970205180940.275D-100000@super-g.inch.com>
In-Reply-To: <199702052208.OAA11453@root.com>

next in thread | previous in thread | raw e-mail | index | archive | help

On Wed, 5 Feb 1997, David Greenman wrote:

>    I don't like how this whole mess has come down. There is an awful lot of
> ill-will being passed out that will have long term ramifications. It didn't
> need to happen this way.
> 
> -DG

I think most of the ill-will comes from the following sources:

1. Misinformation - I've applied like 5 different patches to all my
machines (there are many) in hopes that some punk wouldn't come along and
put the company I work for out of business.  Estimates on the severity
went from very serious to kind-of-serious.  What's a user to do?  

2. Lack of Information - I saw more info on Bugtraq than on the various
FBSD lists.  Not even an announcement something was being hammered out.
That tends to make anyone who depends on their machines *very* nervous.  I
understand it takes time to create a fix, but a quick paragraph to update
the masses would be nice.

3. You folks (DG & Co.) are the core team-as such there are certain things
that those of us that are administrators *but not C programmers* (some
would say there's no such thing as an administrator that's not a
programmer, and I say "what the hell am I doing 10 hours a day then?").
You have to realize that you "sell" the OS on the webpage and in
-questions, etc. and in turn people like me "sell" the OS to the money
people.  So I'm sitting here like the proverbial "sitting duck" not
knowing how to fix the problem even with all the time in the world.  If I
knew a bit more, I'd be on the list freaking out and screaming about why
the big hole in the bottom of the boat at sea is not being patched; even
if only with duct tape.

4. The damned medium of communications.  If Karl, Tom, Joe, and the core
team were sitting face to face over laptops in a nice bar somewhere, the
arguments would be shorter and the solution would be out by now.  Arguing
wastes alot of time when done via email.

That's it; my only complaint is being kept in the dark to sweat it out.
If I knew my C, I'd be trying to help, and I'd be alot less nervous.  So
for those of us who aren't able to mumble library routines in our sleep,
please try and keep us posted (even a *short* message) when security
problems crop up.  And some background for those *learning* C would be
good a bit after the fact so we can all learn the safe way to code from
previous mistakes...

Thanks for a swell OS, and I'm REALLY looking forward to the patch,

Charles
 




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.95.970205180940.275D-100000>