Date: Sun, 15 Dec 2002 11:14:41 -0700 (MST) From: "M. Warner Losh" <imp@bsdimp.com> To: dillon@apollo.backplane.com Cc: sam@errno.com, mux@FreeBSD.ORG, obrien@FreeBSD.ORG, current@FreeBSD.ORG Subject: Re: ipfw userland breaks again. Message-ID: <20021215.111441.05985858.imp@bsdimp.com> In-Reply-To: <200212150015.gBF0FlbS066547@apollo.backplane.com> References: <200212142351.gBENpBVH002931@apollo.backplane.com> <23f401c2a3ce$2a6e7e30$52557f42@errno.com> <200212150015.gBF0FlbS066547@apollo.backplane.com>
next in thread | previous in thread | raw e-mail | index | archive | help
In message: <200212150015.gBF0FlbS066547@apollo.backplane.com>
Matthew Dillon <dillon@apollo.backplane.com> writes:
: :I disagree with committing this hack; keep it as a local mod if you must.
: :
: :As to the problem; don't wait for Luigi to "fix the ABI problems", do it
: :yourself. Good things happen when folks are PO'd and won't settle for the
: :status quo.
: :
: : Sam
:
: I'm sorry you disagree, but it doesn't change my position. I am not
: in the business of rewriting other people's APIs. If it means so much
: to you, YOU go and fix it. No? Then don't complain about my fix. It's
: no skin off your nose and it will prevent a lot of future headaches,
: especially if the RC system makes it nice and friendly.
I don't like the patch from a security standpoint. It makes it to
easy to turn off a firewall. If you want to be that stupid about
security, you should just make the default be 'accept all' and be done
with it. I'm opposed to this patch unless you can get the security
officer to sign off on it. The defaults are there for a reason so
that we fail 'safe' from a security point of view.
The real fix is to fix the abi problems.
Warner
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20021215.111441.05985858.imp>