Return to BSD News archive
Path: euryale.cc.adfa.oz.au!newshost.carno.net.au!harbinger.cc.monash.edu.au!munnari.OZ.AU!spool.mu.edu!howland.erols.net!panix!news.panix.com!not-for-mail From: tls@panix.com (Thor Lancelot Simon) Newsgroups: comp.unix.bsd.netbsd.misc,comp.security.unix Subject: Re: OpenBSD hides security fixes (and blindly integrates code) Date: 16 Feb 1997 20:32:20 -0500 Organization: Panix Lines: 26 Message-ID: <5e8cf4$83s@panix2.panix.com> References: <none-ya023480001912962244220001@news.infi.net> <DERAADT.97Feb16012623@zeus.pacifier.com> <5e6mjn$q3n@panix2.panix.com> <5e6o39$6am@news.pacifier.com> Reply-To: tls@rek.tjls.com NNTP-Posting-Host: panix2.panix.com Xref: euryale.cc.adfa.oz.au comp.unix.bsd.netbsd.misc:5411 comp.security.unix:31820 In article <5e6o39$6am@news.pacifier.com>, Jason Downs <downsj@threadway.teeny.org> wrote: >In article <5e6mjn$q3n@panix2.panix.com>, >Thor Lancelot Simon <tls@rek.tjls.com> wrote: >]In article <DERAADT.97Feb16012623@zeus.pacifier.com>, >]Theo de Raadt <deraadt@theos.com> wrote: >]>I'll bet you don't. >] >]No, he doesn't. Neither do I. In fact, we beat this to death internally, and >]I don't really think anyone's glad that it happened. On the other hand, quite >]a few people expressed surprise that said #ifndef made it into OpenBSD, since >]that pretty clearly indicates that said code was integrated _without anyone >]ever even reading it_ -- rather a stunner, for an operating system which >]claims to have security as one of its primary goals. > >So you're saying that in the future NetBSD plans to commit outright security >holes to the arch-dependant portions of their tree? Did I say that? No, I didn't say that. I suggest you stop making things like that up, lest you discredit yourself further. -- This space not left unintentionally unblank. tls@rek.tjls.com $OpenBSD: locore.s,v 1.5 1996/10/30: Blindly integrating source code, $OpenBSD: locore.s,v 1.7 1997/01/24: so you can lose for 8 weeks. "Sleep tight."