Date: Tue, 03 Oct 2000 23:08:37 -0600 From: Warner Losh <imp@village.org> To: Brett Glass <brett@lariat.org> Cc: freebsd-security@FreeBSD.ORG Subject: Re: cvs commit: src/usr.bin/finger finger.c Message-ID: <200010040508.XAA33386@harmony.village.org> In-Reply-To: Your message of "Tue, 03 Oct 2000 17:55:55 MDT." <4.3.2.7.2.20001003175130.043dc4c0@localhost> References: <4.3.2.7.2.20001003175130.043dc4c0@localhost> <200010032326.e93NQ7H17213@netplex.com.au> <20001003155638.B73409@hub.freebsd.org> <200010032326.e93NQ7H17213@netplex.com.au>
next in thread | previous in thread | raw e-mail | index | archive | help
In message <4.3.2.7.2.20001003175130.043dc4c0@localhost> Brett Glass writes: : At 05:42 PM 10/3/2000, Alfred Perlstein wrote: : : >There's a large difference between kernel and userland here, kernel : >changes need to be backported relatively quickly while userland : >can allow for a longer test period. Seperate policies may serve : >us better than one that covers the entire tree. : : What about root compromises in userland -- e.g. in setuid apps, daemons : that run (or at least start) as root, etc.? Root compromises invoke the compelling reason clause, as do most security fixes. Warner To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200010040508.XAA33386>