Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 12 Aug 2003 17:30:44 +0200
From:      "Devon H. O'Dell" <dodell@sitetronics.com>
To:        <chris@redstarnetworks.net>
Cc:        security@freebsd.org
Subject:   RE: realpath(3) et al
Message-ID:  <00bc01c360e6$b2ac0b70$9f8d2ed5@internal>
In-Reply-To: <000201c360e4$9a450390$0304a8c0@delllaptop>

next in thread | previous in thread | raw e-mail | index | archive | help
Well, not only would it save companies money, but it would be beneficial =
for
FreeBSD and system administrators as well. I know several administrators =
who
are forced to work with Linux because it is "certified" and "more widely
supported" than "any of the BSDs". This is, of course, absolute crap, =
but
without any audit certifications, companies are less likely to even take =
a
peek into what FreeBSD can offer.

I'd personally be willing to contribute a bit of money (probably even =
more
as I come to have it). However, I do not feel comfortable donating this
money saying, "Here's $150, use it for a certification." and then =
needing
not knowing if/when others will be doing the same. There needs to be an
initiative from the FreeBSD group to get this started -- people need to =
be
able to click a button on the front page of freebsd.org and be able to
donate as much money as they want (or find out where to send a check).

In any case, 150 companies donating $1,000 would only cover 10% of the =
money
needed for this certification. I don't know how many companies are using
FreeBSD nor do I know their interests in helping with the evolution of
FreeBSD; I would guess, however, that there are enough companies and =
private
parties who would be able to fund this type of project. It would be
beneficial to them (as you've just proven) and to the project overall.

Should I propose this on freebsd-audit? Is there any way I can help =
other
than via a monetary contribution? I'd like to do both.

Kind regards,

Devon H. O'Dell
Systems and Network Engineer
Simpli, Inc. Web Hosting
http://www.simpli.biz

> -----Oorspronkelijk bericht-----
> Van: owner-freebsd-security@freebsd.org [mailto:owner-freebsd-
> security@freebsd.org] Namens Chris Odell
> Verzonden: Tuesday, August 12, 2003 5:16 PM
> Aan: 'Devon H. O'Dell'
> CC: security@freebsd.org
> Onderwerp: RE: realpath(3) et al
>=20
>=20
>   Corporations - INTERNET Companies...
>=20
>   If you look at the big picture, having a O.S. that has been audited
> for issues would actually be cost effective for them. Having to patch =
a
> machine that is in service causes downtime.
>=20
>   Lets see -
>=20
>   Each machine takes ten (10) minutes of human work to drop into =
single
> user mode and install new binaries/kernels
>=20
>   The company has one thousand (1000) machines
>=20
>   That comes to ten thousand (10000) minutes, broken down to hours - =
167
> Hours
>=20
>   The average admin say is making forty five (45) dollars a hour - =
over
> $7000.00 - not including taxes paid by employer.
>=20
>   So if one hundred fifty companies donated one thousand dollars =
(1000)
> it would save them downtime, payroll, and taxes.
>=20
>   Just a rough estimate and my 2 cents
>=20
>=20
> Chris Odell
> chris@redstarnetworks.net
>=20
>=20
> -----Original Message-----
> From: owner-freebsd-security@freebsd.org
> [mailto:owner-freebsd-security@freebsd.org] On Behalf Of Devon H. =
O'Dell
> Sent: Tuesday, August 12, 2003 7:42 AM
> To: 'Brooks Davis'
> Cc: security@freebsd.org
> Subject: RE: realpath(3) et al
>=20
>=20
> Okay, so where do we begin with taking contributions?
>=20
> Devon
>=20
> > -----Oorspronkelijk bericht-----
> > Van: owner-freebsd-security@freebsd.org [mailto:owner-freebsd-
> > security@freebsd.org] Namens Brooks Davis
> > Verzonden: Tuesday, August 12, 2003 4:38 PM
> > Aan: Devon H. O'Dell
> > CC: security@freebsd.org
> > Onderwerp: Re: realpath(3) et al
> >
> > On Tue, Aug 12, 2003 at 10:24:16AM +0200, Devon H. O'Dell wrote:
> > > What sorts of security standards commissions are there, how much
> > > does getting "standards certified" cost, and where should we =
start?
> >
> > I think the ballpark number I heard for a minimal certification =
under
> > Common Criteria was $1.5m.
> >
> > -- Brooks
>=20
> _______________________________________________
> freebsd-security@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-security
> To unsubscribe, send any mail to
> "freebsd-security-unsubscribe@freebsd.org"
>=20
> _______________________________________________
> freebsd-security@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-security
> To unsubscribe, send any mail to "freebsd-security-
> unsubscribe@freebsd.org"



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?00bc01c360e6$b2ac0b70$9f8d2ed5>