Great Circle Associates Firewalls
(October 1996)
 


Subject: Re: The great source code debate (WAS: Re: Checkpoint)
From: "Jonathan M. Bresler" <jmb @ FRB . GOV>
Date: Thu, 17 Oct 1996 15:43:08 -0400
To: Russ <Russ . Cooper @ RC . Toronto . on . ca>
Cc: "firewalls @ greatcircle . com" <firewalls @ GreatCircle . COM>, "'Michael S. Fischer'" <otterley @ lucinda . digigami . com>
In-reply-to: Your message of "Thu, 17 Oct 1996 10:39:00 EDT." <511C83071F25D0118E4600A02458D19C00000000084B @ ns . rc . toronto . on . ca>

>--Once you've traveled down the "whee, let's modify the source" route, 
>remember, it's a never-ending journey. So while I can fully understand 

	i beg to differ with you.  if you submit your changes back
into the distribution source tree, the distributors will often accept
those changes and incorporate them.  the changes will be distributed 
in the next release.  it's not a never-ending journey, but rather
you can decide with each release whether or not to embark on that 
journey.  witness the FreeBSD project.

>some people/company's desire to do this, for very valid security 
>reasons, it's something that has to be done for the rest of the useful 
>life of that tool. If you, the person who modified the source for your 
>company, move on to greener pastures (whether that be in the same 
>company or a different one), who continues to modify the source after 
>you're gone? When the OS vendor who made your original OS comes along 
>with a new version, who goes through your notes to identify what needs 
>to be patched, and then does the analysis of whether or not those 
>patches need to be applied to the new version of the OS? If your 

	see above

>company does not maintain that skillset for the future, what happens to 
>systems that have been built out of customized modifications? If your 
>log reporting tool expects customized labels to identify risks that 
>your company has deemed more important, those labels have to be added 
>to every version in the future...you get my drift here.
>



-- 
Jonathan M. Bresler             202-452-2831                 breslerj @ frb . gov
MS-169          Federal Reserve Board of Governors        Washington DC 20551
Speaking for myself.  Others speak for the Federal Reserve Board of Governors



