On Tue, May 24, 2005 at 09:18:58AM -0700, Bruno Delbono wrote:
> [EMAIL PROTECTED] wrote:
> 
> >Ports aren't generally checked for much other than "Does it build?" and
> >"Does it work?". 
> 
> So, secure by default means that you should only run OpenBSD as it comes 
> and do not touch anything on it. Or else, it won't be secure by default; 
> your warranty is voided and Theo will spank you.

"in the base install" is a very important phrase. Ports don't get
audited much, if at all. This isn't any sort of slap to the porters;
it's just there's a *lot* of code in the port and examining that code
for correctness isn't their intent.  Ports are a convenience, not a
promise. Postfix and cyrus aren't base install, and therefore aren't
covered. Ain't life terrible?

-- 
83. If I'm eating dinner with the hero, put poison in his goblet, then have to 
    leave the table for any reason, I will order new drinks for both of us 
    instead of trying to decide whether or not to switch with him.
                --Peter Anspach's list of things to do as an Evil Overlord
