[5100] in WWW Security List Archive
Re: Do you trust tools from GNU?
daemon@ATHENA.MIT.EDU (Klaus Lichtenwalder)
Wed Apr 16 12:12:24 1997
Date: Wed, 16 Apr 1997 16:05:21 +0100 (WET DST)
From: Klaus Lichtenwalder <Klaus.Lichtenwalder@WebForum.DE>
To: "David W. Morris" <dwm@xpasc.com>
cc: www-security@ns2.rutgers.edu
In-Reply-To: <Pine.SOL.3.95.970415142811.10219C-100000@shell1.aimnet.com>
Errors-To: owner-www-security@ns2.rutgers.edu
On Tue, 15 Apr 1997, David W. Morris wrote:
>[...]
> Dave Morris
>
> (It is of course possible that this did not come from a real member of
> the GNU project and their security policies may actually be more rigorous
> than your favorite security conscious commercial compiler vendor)
I strongly believe so, there are quite some security conscious people
out there. Besides, the world is bad, be there idealists or not
>
> -------------------- referenced post ----->
>
> Project GNU doesn't exactly count as a `vendor'; nor am I really
> an official representive.
> [...]
> As a practical matter, it's a huge inconvinience to me when I'm not
> root. Many other contributors to GNU feel that way, and I think
> that has something to with our decisions to configure our machines
> in a less than paranoid way.
For people doing real and good unix tools I can't believe that
somebody's using is computer in DOS mode. I have quite some su passwords
lying (figuratively) around and not being root more often than not saved
my life ... I don't get any kicks doing things as root.
> [...]
Klaus
________________________________________________________________________
Klaus Lichtenwalder, Dipl. Inform., PGP Key: email to key@Four11.com
Lichtenwalder@ACM.org, http://www.wp.com/Klaus, fax: +49-89-91072699
Need a (virtual) vacation? Go check: http://www.bavaria.com
Unsolicited e-mail advertising and spam will not be tolerated
