Return to BSD News archive
Path: euryale.cc.adfa.oz.au!newshost.anu.edu.au!harbinger.cc.monash.edu.au!yarrina.connect.com.au!munnari.OZ.AU!spool.mu.edu!howland.reston.ans.net!swrinde!newsfeed.internetmci.com!in1.uu.net!EU.net!Germany.EU.net!zib-berlin.de!news.tu-chemnitz.de!irz401!uriah.heep!not-for-mail From: j@uriah.heep.sax.de (J Wunsch) Newsgroups: comp.unix.bsd.freebsd.misc Subject: Re: What OS for an ISP to use? Date: 18 Nov 1995 13:01:25 +0100 Organization: Private FreeBSD site, Dresden. Lines: 28 Message-ID: <48khul$ksb@uriah.heep.sax.de> References: <1995Nov15.130421.1503@hobbes.kzoo.edu> <48dbgq$g4s@agate.berkeley.edu> NNTP-Posting-Host: uriah.heep.sax.de Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 8bit Nick Kralevich <nickkral@parker.EECS.Berkeley.EDU> wrote: >Also, security coverage under Linux appears to be more extensive than >under FreeBSD. This might or might not be right, but your argument: >and the Linux security mailing lists, regarding the telnetd >environment variable security hole (see comp.security.announce for >more information). Even those this problem effected FreeBSD, >there was no discussion in c.u.b.f.m regarding this. ...doesn't prove this. The telnetd security hole has been pre-announced by the originator to the various operating system vendors three weeks in advance of the CERT advisory. For FreeBSD, this message has been sent to the freebsd-core list, and the appropriate fix went into the source tree before the CERT advisory was out. There was evidently no real need to discuss this publically in Usenet. (In addition, Nick, you know very well that most of the discussions regarding FreeBSD's development don't happen in Usenet anyway.) -- cheers, J"org joerg_wunsch@uriah.heep.sax.de -- http://www.sax.de/~joerg/ -- NIC: JW11-RIPE Never trust an operating system you don't have sources for. ;-)