From owner-freebsd-audit  Thu Nov 30 20:46:24 2000
Delivered-To: freebsd-audit@freebsd.org
Received: from fledge.watson.org (fledge.watson.org [204.156.12.50])
	by hub.freebsd.org (Postfix) with ESMTP id 2DCA637B400
	for <audit@FreeBSD.org>; Thu, 30 Nov 2000 20:46:22 -0800 (PST)
Received: from fledge.watson.org (robert@fledge.pr.watson.org [192.0.2.3])
	by fledge.watson.org (8.11.1/8.11.1) with SMTP id eB14k8f07212;
	Thu, 30 Nov 2000 23:46:08 -0500 (EST)
	(envelope-from robert@fledge.watson.org)
Date: Thu, 30 Nov 2000 23:46:08 -0500 (EST)
From: Robert Watson <rwatson@FreeBSD.org>
X-Sender: robert@fledge.watson.org
To: Matthew Jacob <mjacob@feral.com>
Cc: audit@FreeBSD.org
Subject: Re: Solicitation for auditing process announcement
In-Reply-To: <Pine.BSF.4.21.0011302018430.59011-100000@beppo.feral.com>
Message-ID: <Pine.NEB.3.96L.1001130234448.97425E-100000@fledge.watson.org>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-audit@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG


On Thu, 30 Nov 2000, Matthew Jacob wrote:

> >indicating that audit@ is willing to do review-on-demand and should be
> 
> What does 'review on demand' mean?

It means that we're too laid back to have figured out rigorous, pro-active
re-auditing of the source tree, and instead we sit there and wait until
someone e-mails audit@ saying, ``I'm going to make the following stupid
changes to the following setuid binaries, could you take a look and OK
them before I drive-by commit them twenty minutes before the release?''

Robert N M Watson             FreeBSD Core Team, TrustedBSD Project
robert@fledge.watson.org      NAI Labs, Safeport Network Services




To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-audit" in the body of the message