realpath(3) et al

Tue Aug 12 08:31:22 PDT 2003

Well, not only would it save companies money, but it would be beneficial for
FreeBSD and system administrators as well. I know several administrators who
are forced to work with Linux because it is "certified" and "more widely
supported" than "any of the BSDs". This is, of course, absolute crap, but
without any audit certifications, companies are less likely to even take a
peek into what FreeBSD can offer.

I'd personally be willing to contribute a bit of money (probably even more
as I come to have it). However, I do not feel comfortable donating this
money saying, "Here's $150, use it for a certification." and then needing
not knowing if/when others will be doing the same. There needs to be an
initiative from the FreeBSD group to get this started -- people need to be
able to click a button on the front page of freebsd.org and be able to
donate as much money as they want (or find out where to send a check).

In any case, 150 companies donating $1,000 would only cover 10% of the money
needed for this certification. I don't know how many companies are using
FreeBSD nor do I know their interests in helping with the evolution of
FreeBSD; I would guess, however, that there are enough companies and private
parties who would be able to fund this type of project. It would be
beneficial to them (as you've just proven) and to the project overall.

Should I propose this on freebsd-audit? Is there any way I can help other
than via a monetary contribution? I'd like to do both.

Kind regards,

Devon H. O'Dell
Systems and Network Engineer
Simpli, Inc. Web Hosting
http://www.simpli.biz

> -----Oorspronkelijk bericht-----
> Van: owner-freebsd-security at freebsd.org [mailto:owner-freebsd-
> security at freebsd.org] Namens Chris Odell
> Verzonden: Tuesday, August 12, 2003 5:16 PM
> Aan: 'Devon H. O'Dell'
> CC: security at freebsd.org
> Onderwerp: RE: realpath(3) et al
> 
> 
>   Corporations - INTERNET Companies...
> 
>   If you look at the big picture, having a O.S. that has been audited
> for issues would actually be cost effective for them. Having to patch a
> machine that is in service causes downtime.
> 
>   Lets see -
> 
>   Each machine takes ten (10) minutes of human work to drop into single
> user mode and install new binaries/kernels
> 
>   The company has one thousand (1000) machines
> 
>   That comes to ten thousand (10000) minutes, broken down to hours - 167
> Hours
> 
>   The average admin say is making forty five (45) dollars a hour - over
> $7000.00 - not including taxes paid by employer.
> 
>   So if one hundred fifty companies donated one thousand dollars (1000)
> it would save them downtime, payroll, and taxes.
> 
>   Just a rough estimate and my 2 cents
> 
> 
> Chris Odell
> chris at redstarnetworks.net
> 
> 
> -----Original Message-----
> From: owner-freebsd-security at freebsd.org
> [mailto:owner-freebsd-security at freebsd.org] On Behalf Of Devon H. O'Dell
> Sent: Tuesday, August 12, 2003 7:42 AM
> To: 'Brooks Davis'
> Cc: security at freebsd.org
> Subject: RE: realpath(3) et al
> 
> 
> Okay, so where do we begin with taking contributions?
> 
> Devon
> 
> > -----Oorspronkelijk bericht-----
> > Van: owner-freebsd-security at freebsd.org [mailto:owner-freebsd-
> > security at freebsd.org] Namens Brooks Davis
> > Verzonden: Tuesday, August 12, 2003 4:38 PM
> > Aan: Devon H. O'Dell
> > CC: security at freebsd.org
> > Onderwerp: Re: realpath(3) et al
> >
> > On Tue, Aug 12, 2003 at 10:24:16AM +0200, Devon H. O'Dell wrote:
> > > What sorts of security standards commissions are there, how much
> > > does getting "standards certified" cost, and where should we start?
> >
> > I think the ballpark number I heard for a minimal certification under
> > Common Criteria was $1.5m.
> >
> > -- Brooks
> 
> _______________________________________________
> freebsd-security at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-security
> To unsubscribe, send any mail to
> "freebsd-security-unsubscribe at freebsd.org"
> 
> _______________________________________________
> freebsd-security at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-security
> To unsubscribe, send any mail to "freebsd-security-
> unsubscribe at freebsd.org"