Re: Wow

From: Chris Doherty (chris-freebsd@randomcamel.net)
Date: 06/26/02


Date: Wed, 26 Jun 2002 13:20:57 -0700
From: Chris Doherty <chris-freebsd@randomcamel.net>
To: freebsd-security@freebsd.org

At some point, Theo de Raadt said:
> I've barely slept in a week.

get some rest.

> So many of you are being totally unreasonable people.

well.

"Upgrade now."

"What versions are vulnerable?"

"Upgrade now."

"*sigh* Okay, I'll upgrade my 40 production machines."

"Okay, the version in -stable is unaffected. Oh yeah, and even if you're
running a vulnerable version, set 'ChallengeResponseAuthentication no' and
you'll be fine."

people aren't being unreasonable. they just wasted a lot of time upgrading
to a new version of software, when in reality probably 95% of cases are
either not vulnerable or can be secured with a simple configuration file
change (I made that number up, of course, but at least on this list it
doesn't seem out of proportion).

for myself with my one machine, I'm just annoyed. if I had gone through
this bullshit on 40 machines, when I could have just modified a config
file, I'd be pissed, and rightfully so.

but, *shrug*. I'll not give such credence to vague warnings in the
future--lesson learned.

Chris

-------------------------------
Chris Doherty
chris [at] randomcamel.net

"I think," said Christopher Robin, "that we ought to eat
all our provisions now, so we won't have so much to carry."
               -- A. A. Milne
-------------------------------

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message



Relevant Pages

  • Re: Looking Ahead - Upgrade
    ... Well, one of my machines originally had Red Hat 3.3 installed, and it's been upgraded with every release since then, until the current Fedora 8. ... I recall one upgrade, I think it was Red Hat 5, that loaded a kernel that had a bug that caused a complete freeze, and that was triggered only on certain hardware, and I won the lottery. ... a fresh install won't make much of a difference here. ... For each configuration file, open the carried-over one that was left in place, take all the changes you have in the old file, manually merge it into the .rpmnew file, then replace the old configuration file with the .rpmnew file. ...
    (Fedora)
  • Re: messed up upgrade 7.0 & 7.1 to 7.2
    ... I have not been able to figure out how a custom kernel could be ... whatever else it should - all I got was error: configuration file not found ... Portsnap only updates the ports tree, ... upgrade I am supposed to provide the GENERIC kernel in /boot. ...
    (freebsd-questions)
  • Re: a couple remaining issues after dist-upgrade, etch -> lenny
    ... running "aptitude upgrade" tells me that slapd is still ... slapadd: bad configuration file! ... Don't know if defaultaccess is set to write is good enough for your application. ... To UNSUBSCRIBE, email to debian-user-REQUEST@xxxxxxxxxxxxxxxx with a subject of "unsubscribe". ...
    (Debian-User)
  • Re: [Fedora 14] Cannot upgrade from 13
    ... Red Hat and Fedora used to be very good at doing upgrades from one ... Always keep a copy of the last official released configuration file, ... until some update or upgrade next breaks your system. ...
    (comp.os.linux)
  • a couple remaining issues after dist-upgrade, etch -> lenny
    ... running "aptitude upgrade" tells me that slapd is still ... error while running slapadd: ... slapadd: bad configuration file! ... To UNSUBSCRIBE, email to debian-user-REQUEST@xxxxxxxxxxxxxxxx ...
    (Debian-User)