From owner-freebsd-security  Thu Dec  2  4:14:34 1999
Delivered-To: freebsd-security@freebsd.org
Received: from slack.net (brooklyn.slack.net [206.41.21.102])
	by hub.freebsd.org (Postfix) with SMTP id 8970B14F44
	for <security@FreeBSD.ORG>; Thu,  2 Dec 1999 04:14:28 -0800 (PST)
	(envelope-from andrewr@slack.net)
Received: (qmail 1043 invoked by uid 1077); 2 Dec 1999 12:10:02 -0000
Received: from localhost (sendmail-bs@127.0.0.1)
  by localhost with SMTP; 2 Dec 1999 12:10:02 -0000
Date: Thu, 2 Dec 1999 07:10:02 -0500 (EST)
From: andrewr <andrewr@slack.net>
To: "Jordan K. Hubbard" <jkh@zippy.cdrom.com>
Cc: Jesse <j@lumiere.net>, Brock Tellier <btellier@usa.net>,
	Bill Swingle <unfurl@dub.net>, security@FreeBSD.ORG
Subject: Re: [Re: [btellier@USA.NET: Several FreeBSD-3.3 vulnerabilities
In-Reply-To: <2660.944122732@zippy.cdrom.com>
Message-ID: <Pine.BSO.4.10.9912020706480.7170-100000@schwing.slack.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

> 
> It would be reasonable to hope, but not to expect.  The security
> officers are horribly overworked. :(

Is it feasible to ask whether or not there is/should be a _core_ security
group?  I always had thought that the "Security Officer" for the FreeBSD
project was a few people... however, if this doesn't seem to fit the bill
for them, I am sure there are a few people who wouldn't mind being the
persons held responsible for such a task.. (task being that of pointing
bugs to the correct maintainers when it is security related).

I know I am willing to put in the time for this kind of job, however, I
think it would be better for others who are possibly closer to the
project.


Andrew



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message