From owner-freebsd-security Tue Apr 10 16:40:30 2001 Delivered-To: freebsd-security@freebsd.org Received: from pericles.IPAustralia.gov.au (pericles.IPAustralia.gov.au [202.14.186.30]) by hub.freebsd.org (Postfix) with ESMTP id D51F537B422 for ; Tue, 10 Apr 2001 16:40:25 -0700 (PDT) (envelope-from Stanley.Hopcroft@IPAustralia.gov.au) Received: (from smap@localhost) by pericles.IPAustralia.gov.au (8.11.1/8.11.1) id f3ANeOB79498 for ; Wed, 11 Apr 2001 09:40:24 +1000 (EST) (envelope-from Stanley.Hopcroft@IPAustralia.gov.au) Received: from disc-3-110.aipo.gov.au(10.0.3.110) by pericles.IPAustralia.gov.au via smap (V2.0) id xma079474; Wed, 11 Apr 01 09:40:14 +1000 Received: (from anwsmh@localhost) by stan.aipo.gov.au (8.11.1/8.11.1) id f3ANeQP80282 for freebsd-security@freebsd.org; Wed, 11 Apr 2001 09:40:26 +1000 (EST) (envelope-from anwsmh) Date: Wed, 11 Apr 2001 09:40:26 +1000 From: Stanley Hopcroft To: freebsd-security@freebsd.org Subject: Re: Security Announcements? Message-ID: <20010411094026.B80253@IPAustralia.Gov.AU> References: <20010410215014.A8173@scientia.demon.co.uk> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: ; from nmh@daemontech.com on Tue, Apr 10, 2001 at 03:43:47PM -0700 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Dear Ladies and Gentlemen, I am writing to endorse Ms Harringtons remarks (vi) and ask that her requests be treated seriously. They are mine too, and I don't think unrealistic for a working joe who is neither an ace - even an average - programmer or network technologist. I use FreeBSD because it is easy to use compared to other things (NT, OS/2, AIX, probably Solaris) and safe. If it is no longer safe, and I have to take hours to install a port - because I am slow and stupid - then the attractiveness is reduced. On Tue, Apr 10, 2001 at 03:43:47PM -0700, Nicole Harrington wrote: > > As someone who runs many production level servers here is what I would want > In order: > > 1) A notice that there is problem - So I can tcpwrap or shutdown said service > until a patch is available. > > 2) A binary patch. Similiar to the Linux RPM.s and the BSDi patches. > Just download and run. No compiles no installs. > > 3) A patch that everyone agrees works in an email or other notification that > says, here's were you can get the patch, this works, here's what to do with > it. > From my perspective it took days for people to stop discussing what patch > was best for ntpd and I still never heard a full resolution on the mailing > list. No official blessing of a patch other than what I would get via CVSUP. I > have production servers, I can't run a CVsup everyday, let alone a make world. > Here here. I have shut down ntpd. I can't determine from the debate about the ntp patch what I should use. There is no SA .... > > Yes I may have missed a few mails or something. But expecting people to spend > their days tracking down patches and notices abt problems kinda negates the > whole idea of a security mailing and notification. Yes. > The process seemed much better in the past, but lately, it has been much less > than optimal. > Can't say. Although I miss Mr Kenneways letters (and Mr Losh for that matter). > > Nicole > > > Thank you, Yours sincerely. -- ------------------------------------------------------------------------ Stanley Hopcroft IP Australia Network Specialist +61 2 6283 3189 +61 2 6281 1353 (FAX) Stanley.Hopcroft@IPAustralia.Gov.AU ------------------------------------------------------------------------ One is not superior merely because one sees the world as odious. -- Chateaubriand (1768-1848) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message