On 4/14/2014 7:32 AM, Jamie Landeg-Jones wrote: > Matt Dawson <[email protected]> wrote: > >> My first thought when I saw this was "ego over ethics," which says more >> about Theo than FreeBSD. > > Totally. > > I know Theo has a reputation for being 'difficult', but in my opinion, > this outburst really calls into question his perceived motivations > regarding secure software. > > As to the specific question, I don't think his ego would allow a bug > in openssh to persist, so even if it does, I'd suspect it's not too > serious (or it's non-trivial to exploit), and it's related to FreeBSD > produced 'glue'. > > This is total guesswork on my part, but I'd therefore assume he was > talkining about openssh in base, rarther than openssh-portable in > ports. >
As the maintainer of the port I will say that your security decreases with each OPTION/patch you apply. I really would not be surprised if one of the optional patches available in the port had issues. -- Regards, Bryan Drewery
signature.asc
Description: OpenPGP digital signature
