gwes <[email protected]> wrote: > On 7/18/21 8:55 PM, Theo de Raadt wrote: > > Lots of excellent reasons. > > > > > Is there any document available which describes your concept of how > systems running OpenBSD are used? > > E.g. mobile laptop, home user desktop, office desktop, single local > net server, multiple local servers, > single gateway, multihomed gateway, server(s) to general world, etc, etc. > If those aren't valid categories, could you mention what are valid ones. > I'd like some idea of where your concept of the 99% vs 1% division lies.
The usage case is irrelevant. We are the developers and we get to make the decisions without creating a 'document'. You overstate your position by demanding an explanation. We don't even need to be replying to these rude emails. The situation is actually pretty simple: dhclient is not strongly priv-seperated, and pretty much the riskiest program people run on their machines. People have gotten addicted to it. In 2016 we held a hackathon whiteboard session and come up with a rough design that would satisfy all the resolver-related security concerns. All the pieces have now been written, and we will continue the refinement in-tree. If you insist upon a document I am sure florian and I can come up with one, please contact us privately for Standard Rates.
