FreeBSD Ports Security Advisory: FreeBSD-SA-01:INSERT_NUMBER_HERE
FreeBSD Security Advisories
security-advisories at FreeBSD.ORG
Thu Feb 8 12:14:49 PST 2001
=============================================================================
FreeBSD-SA-01:INSERT_NUMBER_HERE Security Advisory
FreeBSD, Inc.
Topic: FreeBSD on record to set most advisory releases for
year 2001
Category: All
Announced: 2001-02-07
Credits: sil at loopback.antioffline.com http://www.antioffline.com
Vendor status: Developers sleeping right now
FreeBSD only: Yes
I. Background
FreeBSD is the most robust chopperating sysdumb in the world and we
mean it. Our TCP stack will kick your TCP stacks hynee. Currently we
are releasing an advisory every 1.95 days which means we are bound
to surpass Microsoft.
II. Problem Description
We normally do not assess security when creating the ports distribution
often allowing anyone to build any program we decide to run in the ports
directory. Recently we have noticed that we can no longer fool users
into thinking because we provide checksumming for the programs, that
they will be secure.
Unlinke other operating systems and the developers of them who audit
their ports, we feel it is not our problem if someone accessess your
system because we're too lazy to do things right the first time.
III. Impact
Obviously anyone can end up control your machine or worse.
IV. Workaround
We will not be mentioning the ultra secure OpenBSD operating system
since we feel it is not our problem and does not help to promote a
better OS than our own.
V. Solution
One of the following:
1) Rub a magic lamp and wait for the security genie to fix it.
2) Download NSA Linux so you too can have miniscule backdoors in it
which you won't see.
3) Pray to the hacker god Kevin Mitnick for assistance.
4) Install a more secure O(penBSD)S
NOTE: FreeBSD developers are now red faced
VI. Shouts
Hard Lee Strange
Mike Hunt
Ivana Swallows
Mike Hock
Dick Famous
Kathie Lee Gifford
This is the moderated mailing list freebsd-announce.
The list contains announcements of new FreeBSD capabilities,
important events and project milestones.
See also the FreeBSD Web pages at http://www.freebsd.org
To Unsubscribe: send mail to majordomo at FreeBSD.org
with "unsubscribe freebsd-announce" in the body of the message
More information about the freebsd-announce
mailing list