svn commit: r335402 - head/sbin/veriexecctl

Conrad Meyer cem at freebsd.org
Wed Jun 20 17:54:20 UTC 2018


Hi Simon,

Jonathan points out some of my comments were more acerbic than
necessary.  I apologize for that.  I'd like to try to rephrase them in
a more clear way.

On Wed, Jun 20, 2018 at 8:43 AM, Conrad Meyer <cem at freebsd.org> wrote:
> On Tue, Jun 19, 2018 at 11:21 PM, Simon J. Gerraty <sjg at juniper.net> wrote:
>> As I mentioned in my talk at BSDCan,
>
> (FWIW, I was not at your talk, and it is not a justification for bad
> design or implementation anyway.)

I said before and I'll repeat: I think this design is pretty close to
a reasonable security feature.  I think it currently has a number of
serious — but addressable — flaws, some of which I have tried to
outline.

> ...
> Why is this either necessary or helpful to be in the FreeBSD tree
> as-is?  I don't think it is, and you should revert it.  Please.  I
> don't know if there's a maintainer timeout on this kind of thing, but,
> you are forewarned.

Sorry, this was a poor choice of words.

I mean to say something like: I asked for a revert in an earlier
email, and this reply did not address the primary reason for the
revert, so I am still asking for a revert.  I can do it myself, but I
would like to give the committer the opportunity to do it themselves.

(In private, Stephen has let me know he will do so when he gets back
to his FreeBSD machines, so there's no need for that anyway.)

All the best,
Conrad

