Date: Sat, 03 Oct 1998 20:41:46 -0600 From: Brett Glass <brett@lariat.org> To: Greg Lehey <grog@lemis.com> Cc: freebsd-chat@FreeBSD.ORG Subject: Re: Status Report on 2.2.6 Giveaway CD's Message-ID: <4.1.19981003203743.0423c360@mail.lariat.org> In-Reply-To: <19981004110222.C10081@freebie.lemis.com> References: <4.1.19981003121246.041c3330@mail.lariat.org> <Your <4.1.19981003105957.0420ea30@mail.lariat.org> <13859.907436889@time.cdrom.com> <4.1.19981003121246.041c3330@mail.lariat.org>
next in thread | previous in thread | raw e-mail | index | archive | help
At 11:02 AM 10/4/98 +0930, Greg Lehey wrote: >> On Friday, 21 August 1998 at 9:43:01 -0600, Brett Glass wrote: >>> At 12:27 PM 8/21/98 +0000, Duncan Barclay wrote: >>> >>>> In CNets headline story today, FreeBSD replaces comproimised IRIX >>>> servers at a Kentucky ISP! >>>> >>>> Whether the attack was the fault of the ISP's operating system >>>> remains an unanswered question. But Aye Net is not taking any >>>> chances. It has since replaced its operating system with FreeBSD, >>>> which is a version of Unix with strengthened security measures. >>>> >>>> http://www.news.com/News/Item/0,4,25526,00.html?st.ne.1.head >>> >>> For Heaven's sake someone warn them not to run QPopper. >> >> Why? Firstly, it wasn't a FreeBSD problem, and secondly it's been >> fixed. > >That stands. But it WOULDN'T be fixed on the 2.2.6 CD set! And if someone is just getting into FreeBSD or UNIX, the last thing they're going to know is how to find out about security problems or how to upgrade. Again, I'd prepare a sticker for the disk, a program to patch the known holes, and/or instructions for an immediate, painless upgrade. I'd never, NEVER give someone a system disk with well-known, easily exploitable holes without such warnings and fixes. But that's just me. Personally, I would feel responsible if the user got shafted, and wouldn't want FreeBSD's reputation to suffer. --Brett To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-chat" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4.1.19981003203743.0423c360>