Re: FreeBSD Security Advisory FreeBSD-SA-02:21.tcpip

From: Karsten W. Rohrbach (karsten@rohrbach.de)
Date: 04/20/02

Next message: Brian Nelson: "Re: FreeBSD Security Advisory FreeBSD-SA-02:21.tcpip"
Previous message: Peter Leftwich: "Re: FreeBSD Security Advisory FreeBSD-SA-02:21.tcpip"
In reply to: Peter Leftwich: "Re: FreeBSD Security Advisory FreeBSD-SA-02:21.tcpip"
Next in thread: Brian Nelson: "Re: FreeBSD Security Advisory FreeBSD-SA-02:21.tcpip"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Sat, 20 Apr 2002 03:14:59 +0200
From: "Karsten W. Rohrbach" <karsten@rohrbach.de>
To: Peter Leftwich <Hostmaster@Video2Video.Com>

Peter Leftwich(Hostmaster@Video2Video.Com)@2002.04.19 20:50:16 +0000:
> On Sat, 20 Apr 2002, Karsten W. Rohrbach wrote:
[...]
> > Brett Glass(brett@lariat.org)@2002.04.19 16:12:33 +0000:
> > > At 04:07 PM 4/19/2002, Doug Barton wrote:
> > > >I long ago forgot what it was like to be a new FreeBSD user,
>
> questions@freebsd.org
>
> > > This is part of the problem here. We should care a lot about newcomers' experience, and respect the fact that no matter how bright they are they cannot learn everything at once. Expecting a new user to master CVSup is unreasonable.
>
> Hi Karsten. The FreeBSD (and most *nix OS folk) community *does* care tons

you are quote-quoting brett here ;-)
i /do/ know that _especially_ the freebsd folks /do/ care.

> > brett, i'm sorry, but reading this thread made me think about the
> > days when i started using freebsd and set up my first server. after
> > being left alone at a root user prompt "# " i learned how to
> > configure the stuff in /etc, that docs are in /usr/share/doc, how to
> > install packages, and then how to cvsup (for building upt to date
> > versions out of the ports tree).
>
> I always log in as root - The thinking is... rm doesn't scare me one bit! :)

sensing some amount of irony here, yes a new user logs in as root,
because he got a "blank" system, with (hopefully) limited userland.
i doesn't matter how many times you tell him "no do not log in as root",
he will understand it when he executed his first more complex shell
command containing "rm" ;-)

> > in my personal opinion, i find the RPM or binary-only distribution
> > mechanism very dangerous for users, because it is mainly the
> > microsoft approach to hide software complexity behind an interface
> > the user has to trust. i personally do not trust binary package
> > systems (although i am forced to use them sometimes), nor do i
> > blindly trust the ports tree. yes, i mean i _read_ the make files
> > and view the output of the make process before installing a port the
> > first time on one box. then i make a package out of it. that's all
> > personal preference, yes.
>
> Don't know practically nuttin about RPM, but if you are concerned about
> security and customizable control of pkg_add, remember the following: You
> can *always* just ftp the package (a tarball, or somecommandhere_3.1.1.tgz)
> to your box, gunzip and untar the contents... edit them in your favorite
> editor and then "make" or "make clean" or "make install" manually (you can
> tell beyond a certain point in this sentence I know not about what I speak)!

yes, i know. but after the "USA_RESIDENT=no vs. kerberos lib linkage in
packages" issue, i rather roll my own, thanks.

> Hope this has been as fun for y'all as it hath fer me.

your mua does terrible things to line breaks. please check and fix ;-)

regards,
/k

-- 
> Fools ignore complexity. Pragmatists suffer it. Some can avoid it.
> Geniuses remove it.
> --Perlis's Programming Proverb #58, SIGPLAN Notices, Sept. 1982 
KR433/KR11-RIPE -- WebMonster Community Founder -- nGENn GmbH Senior Techie
http://www.webmonster.de/ -- ftp://ftp.webmonster.de/ -- http://www.ngenn.net/
GnuPG 0x2964BF46 2001-03-15 42F9 9FFF 50D4 2F38 DBEE  DF22 3340 4F4E 2964 BF46
My mail is GnuPG signed -- Unsigned ones are bogus -- http://www.gnupg.org/
Please do not remove my address from To: and Cc: fields in mailing lists. 10x

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

application/pgp-signature attachment: stored

Next message: Brian Nelson: "Re: FreeBSD Security Advisory FreeBSD-SA-02:21.tcpip"
Previous message: Peter Leftwich: "Re: FreeBSD Security Advisory FreeBSD-SA-02:21.tcpip"
In reply to: Peter Leftwich: "Re: FreeBSD Security Advisory FreeBSD-SA-02:21.tcpip"
Next in thread: Brian Nelson: "Re: FreeBSD Security Advisory FreeBSD-SA-02:21.tcpip"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Re: Math Problem - Maximizing Number of 3D Objects in a Container
... track of packages being shipped in cargo containers. ... dimensions of the packages and the dimensions ... of the container, and I have to figure out how many containers ... Its a classic computational complexity theory problem called the 'bin ...
(comp.databases.filemaker)
Re: documentation for phantomsection
... The size and complexity for the user is already ... by packages other than hyperref, so I strongly believe that it ... would be all round confusing to change it. ...
(comp.text.tex)
Password filter not applied
... Modified the registry ... packages). ... Password must meet complexity a requirement is on. ... Customize policy is not in effect… ...
(microsoft.public.security)
programmatically password complexity
... complexity for OS accounts is enabled? ... Windows NT 4 with SP2 the fact of having PASSFILT in ...
(microsoft.public.platformsdk.security)