Date: Thu, 06 Feb 1997 10:49:00 -0500 (EST) From: "Stephen F. Combs" <CombsSF@Salem.GE.COM> To: Robin Melville <robmel@nadt.org.uk> Cc: security@freefall.freebsd.org Subject: Re: security-digest V3 #12 Message-ID: <XFMail.970206105125.CombsSF@Salem.GE.COM> In-Reply-To: <199702061222.MAA06912@charlie.nadt.org.uk>
next in thread | previous in thread | raw e-mail | index | archive | help
Hear, Hear! I've been using FreeBSD since the first available pre-release snapshot and I've NO PROBLEMS with the core developers! Jordan and the core team have been EXTREEMLY responsive to problems/security holes/etc..... Anything thought of by man can be circumvented by man!(don't remember WHO was the originator of that but 'TIS TRUE!). Guys (and gals, if there are any) KEEP UP THE GOOD WORK! On 06-Feb-97 Robin Melville wrote: >As a careful follower of the security digest I feel moved to add a >pennyworth of complaint. > >I'm getting very tired of wading through the arrogant, hypercritical screeds >posted by some correspondents. > >Any user of FreeBSD must be aware that it's an exeptional piece of work >provided by volunteers who work their butts off. Our organisation is >particularly grateful to them since it enables us to provide clinical IT >which we couldn't possibly afford to do if the only option was commercial >Unices/Novell/NT. > >The setlocale() security hole is unfortunate, but I'm sure not unexeptional >in the context of any huge project written in C. Now it's known about and is >being/has been fixed. There will be others. > >Security holes are a problem but also a fact of life for all system >managers. I don't have any complaint about the (unpaid) work of the core >team in attempting to patch them as they arise. What /would/ be tiresome >would be the widespread dissemination of exploits to make a (malicious?) point. > >Highly skilled hackers will probably always be able to get into systems, >this is also a fact of life. Telling (the much larger number) of less >skilled/inquisitive users exactly how to get a # seems to me to be >monstrously unhelpful. Unskilled hackers with root access are much more >likely to do considerable damage by mistake than a passing wizard "bagging" >your system or surreptitiously stealing CPU/disk space. > >If these correspondents have a personal beef with members of the FreeBSD >core team would they please conduct it with private email. > >Thanks. > >Robin Melville >-------------------------------------------------------- >Robin Melville, Addiction & Forensic Information Service >Nottingham Alcohol & Drug Team (Extn. 49178) >Vox: +44 (0)115 952 9478 Fax: +44 (0)115 952 9421 >Email: robmel@nadt.org.uk >WWW: http://www.innotts.co.uk/nadt/ >--------------------------------------------------------- > ---- Stephen F. Combs Internet: CombsSF@Salem.GE.COM GE Industrial Systems Voice: 540.387.8828 Network Services Home: CombsSF-Home@Salem.GE.COM 1501 Roanoke Blvd FAX: 540.387.7106 Salem, VA 24153 LapTop: CombsSF-Mobile@Salem.GE.COM
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?XFMail.970206105125.CombsSF>