From owner-cvs-all  Thu Oct  5  0: 0:51 2000
Delivered-To: cvs-all@freebsd.org
Received: from dragon.nuxi.com (trang.nuxi.com [209.152.133.57])
	by hub.freebsd.org (Postfix) with ESMTP
	id 042DA37B502; Thu,  5 Oct 2000 00:00:47 -0700 (PDT)
Received: (from obrien@localhost)
	by dragon.nuxi.com (8.9.3/8.9.1) id AAA56587;
	Thu, 5 Oct 2000 00:00:45 -0700 (PDT)
	(envelope-from obrien)
Date: Thu, 5 Oct 2000 00:00:44 -0700
From: "David O'Brien" <obrien@FreeBSD.ORG>
To: Alfred Perlstein <bright@wintelcom.net>
Cc: cvs-committers@FreeBSD.ORG, cvs-all@FreeBSD.ORG,
	freebsd-security@FreeBSD.ORG
Subject: Re: cvs commit: src/usr.bin/finger finger.c
Message-ID: <20001005000044.C56495@dragon.nuxi.com>
Reply-To: obrien@FreeBSD.ORG
References: <20001003155638.B73409@hub.freebsd.org> <200010032326.e93NQ7H17213@netplex.com.au> <20001003164236.Q27736@fw.wintelcom.net> <20001004221921.F50210@dragon.nuxi.com> <20001004231126.T27736@fw.wintelcom.net>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2i
In-Reply-To: <20001004231126.T27736@fw.wintelcom.net>; from bright@wintelcom.net on Wed, Oct 04, 2000 at 11:11:26PM -0700
X-Operating-System: FreeBSD 5.0-CURRENT
Organization: The NUXI BSD group
X-Pgp-Rsa-Fingerprint: B7 4D 3E E9 11 39 5F A3  90 76 5D 69 58 D9 98 7A
X-Pgp-Rsa-Keyid: 1024/34F9F9D5
Sender: owner-cvs-all@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

On Wed, Oct 04, 2000 at 11:11:26PM -0700, Alfred Perlstein wrote:
> The kernel is one giant program and keeping it in relative sync is
> hard. (let's avoid the problems we had with 3.x)
>
> The kernel is more complex than userland, but since it's mostly

Yes, and since it is hard, it should not be rushed.  (Not that we've done
a very good job of MFC'ing into RELENG_4).  This thread has the common
theme of being cautious.
 
> self contained and doesn't do a lot of string parsing (which is
> where the majority of these vulnerabilities occur) it is actually
> easier to see what's going on, at least for me.

ONLY for one class of vulnerabilities -- buffer overflows.  What about
the easy to guess sequence numbers?  Or the whole class of denial of
service.  There are more vulnerabilities in the world than just buffer
overflows.

> The complexity of the kernel forces you to understand a great deal
> more about the internal interactions of various subsystems.

And I can point to a few MFC that happened too fast in kernel code that
caused real problems -- even in RELENG_4.
 
> We _can_ back things out and we do have a good track record of
> restabilizing once a problem is found.

IMHO, nothing MFC'ed into -stable should ever need to be backed out.  IF
the need arises that means we did a very poor job of MFC'ing.
 
-- 
-- David  (obrien@FreeBSD.org)


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message