*BSD News Article 89423


Return to BSD News archive

Path: euryale.cc.adfa.oz.au!newshost.carno.net.au!harbinger.cc.monash.edu.au!lucy.swin.edu.au!news.rmit.EDU.AU!news.unimelb.EDU.AU!cs.mu.OZ.AU!munnari.OZ.AU!spool.mu.edu!howland.erols.net!newsxfer3.itd.umich.edu!news.itd.umich.edu!honey
From: honey@citi.umich.edu (peter honeyman)
Newsgroups: comp.unix.bsd.netbsd.misc
Subject: Re: Careless integration of others' code (WAS Re: Why no addusr?)
Date: Sun, 16 Feb 1997 10:26:06 EST
Organization: Center for Information Technology Integration, Univ of Michigan
Lines: 11
Message-ID: <1997Feb16.102606@screwem.citi.umich.edu>
References: <none-ya023480001912962244220001@news.infi.net> <DERAADT.97Feb15155022@zeus.pacifier.com> <5e5vkb$d89@panix2.panix.com> <DERAADT.97Feb15212032@zeus.pacifier.com> <5e6e59$nmq@panix2.panix.com> <slrn5gdi5r.cne.tqbf@char-star.rdist.org>
Reply-To: honey@citi.umich.edu
NNTP-Posting-Host: screwem.citi.umich.edu
Xref: euryale.cc.adfa.oz.au comp.unix.bsd.netbsd.misc:5435

Thomas H. Ptacek writes:
  as an interested third party, can you (or anyone else) document an actual
  security problem introduced into OpenBSD as a result of the integration of
  external code?

be careful what you ask for.  the netbsd cabal seems determined to
vandalize openbsd (documented in this newsgroup).  i guess this is
what they do with all the time left spare by ignoring bug reports 
in their own code.

	peter