Hello list ,
just one thought, If you had a 'package verify" function , wich
automatically installs itself and updates itself on any major update
(a builtin eatire,posible for a future build), then that alone would
eliminate multiple packages, of wich sometimes they have bad
components left behind.
I have seen a similar idea in the ports/vulnerability-test-port , I
think this is a root problem , if you disabled ALL users (well atleast
make a stern admin warning, and log the install that was proceeded
with for root users to PoC etc , to trackback or monitor) , then you
cant get any multiple installs, unless yo are using OLD cds, In wich
case, as I am uninformed in fBSD it seems, (but then i think we are
all misinformed, the users that is,that fbsd is extremely secure and
well to manage,hence making an admin/user think the box is almost
indestructible,it is impossible with Opensource,and now it is being
torn apart,as duely all things do in time i guess).
There just seems to me,that i am seeing alot of fbsd-related
exploitation,unlike 10 or so years ago,when yes, unix was comprisable,
but usually by a brutefrce on a 'god' pass ;).
i am now going to remain idle , and am even leaving the online world,
to concentrate on more iportant things,like getting a Job :).
So good luck to you all, i will still remain here, i just will not be
very Public anymore, it seems i may be upsetting the higher echelons
of fBsd, i can see my firewall ya know ;).
And i dislike what I see, when all i really did, was report a problem
I had myself, and someone I know still has. I am here to only have
that addresses, watching the rest of this list function has shown me
how weak your security is. Yea sure you might have a nametag (Just
like "expert" ;) , but nowdays that dont mean jackshit, and if my
machines are going to be annoyed about it, i would rather just d/c and
move my stuff.
You are the O/S socalled bosses and so@freebsd.org , well, i dont
recall EVER seeing it, so i must be just hopeless ey!
Anyhow I mean o mis or mal-intent, never did..I warned I was looking
into something in my first post here, then received criticism in
public from @frebsd.org .. pfft.. ridiculous, out of ALL the words i
wrote, all that the person could see was 'expert' ... wow.. congrats!
You picked a silly signature error for me. As i am saying.. basically
watching the way this is happening, after posting a 'request' has made
me sicken of ever posting any problems ever again to you.
i find the unprofessionalism , about a silly avaar, ridiculous
considering one person managed to say that, and 10 others in Private
(yes PM! amazing thing that) , they had atlest p[ositive things to
say. yes people make accidents, i have a busy life, NOW not so :) ,
but i just did not know of a security list running, and then another
security officer, I assumed the so@ would be the security-list owner,
so considering I have apaprently been 'public' about something that is
legal, well this is how i am responding, and i will know that if you
treat people this way, toehrs also HAVE and will continue, to leave.
Adios amigos (those that actually read things ;)
Regards,
Drew.
--------------------------------------------------------------------
Drew, the antichrist who reported a flaw.