Date: Mon, 11 Aug 2003 15:33:24 -0700 From: Kris Kennaway <kris@obsecurity.org> To: Mike Hoskins <mike@adept.org> Cc: security@freebsd.org Subject: Re: realpath(3) et al Message-ID: <20030811223323.GA43868@rot13.obsecurity.org> In-Reply-To: <20030811133749.U27196@fubar.adept.org> References: <20030811133749.U27196@fubar.adept.org>
next in thread | previous in thread | raw e-mail | index | archive | help
--45Z9DzgjV8m4Oswq Content-Type: text/plain; charset=us-ascii Content-Disposition: inline On Mon, Aug 11, 2003 at 02:08:27PM -0700, Mike Hoskins wrote: > My question is... If enabling a 3rd-party audit for some target release > (5.3+ I'd assume) is desirable, what would be needed money-, time- and > other-wise? I'm willing to invest both time and money to make this > happen. I'd expect such an endeavor to be tedious and expensive... and, > of course, it would really need to be repeated occasionally to be of real > value. (Probably, at least, after major version number changes.) > However, perhaps doing an audit of the base system now would help our > image in the security community? Help with auditing is always welcomed. See the freebsd-audit mailing list. Kris --45Z9DzgjV8m4Oswq Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2 (FreeBSD) iD8DBQE/OBmzWry0BWjoQKURAhUkAKC9LP+td0lASSNE/GkKnbM8NZ/CoQCfYC9c JuC+knGcUSiSC9+qwOBkDHE= =dgx+ -----END PGP SIGNATURE----- --45Z9DzgjV8m4Oswq--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030811223323.GA43868>