=================================================================== RCS file: /cvsrepo/anoncvs/cvs/www/security.html,v retrieving revision 1.28 retrieving revision 1.29 diff -c -r1.28 -r1.29 *** www/security.html 1998/02/24 00:30:49 1.28 --- www/security.html 1998/02/24 00:53:56 1.29 *************** *** 52,58 **** many bugs, and endeavor to simply fix them even though exploitability is not proven. We have fixed many simple and obvious careless programming errors in code and then only months later discovered that ! the problems were in fact exploitable. This proactive auditing process has really paid off. Statements like ``This problem was fixed in OpenBSD about 6 months ago'' have become commonplace in security forums like BUGTRAQ.

--- 52,65 ---- many bugs, and endeavor to simply fix them even though exploitability is not proven. We have fixed many simple and obvious careless programming errors in code and then only months later discovered that ! the problems were in fact exploitable. In other cases we have been ! saved from full exploitability of complex step-by-step attacks because ! we had fixed one of the steps. An example of where we did this is the ! ! lpd advisory from ! Secure Networks.

! ! This proactive auditing process has really paid off. Statements like ``This problem was fixed in OpenBSD about 6 months ago'' have become commonplace in security forums like BUGTRAQ.

*************** *** 113,122 **** If a problem is proven and serious, a patch will be available here very shortly after.

  • Track our current source code tree, and teach yourself how to do a ! complete system build from time to time. Make the assumption ! that the current source tree always has stronger security. !
  • Install a binary snapshots, which are ! made available fairly often.

    --- 120,131 ---- If a problem is proven and serious, a patch will be available here very shortly after.

  • Track our current source code tree, and teach yourself how to do a ! complete system build from time to time (read /usr/src/Makefile ! carefully). Users can make the assumption that the current ! source tree always has stronger security than the previous release. !
  • Install a binary snapshot for your ! architecure, which are made available fairly often. For ! instance, an i386 snapshot is typically made available weekly.

    *************** *** 136,142 **** OpenBSD www@openbsd.org
    ! $OpenBSD: security.html,v 1.28 1998/02/24 00:30:49 deraadt Exp $ --- 145,151 ---- OpenBSD www@openbsd.org
    ! $OpenBSD: security.html,v 1.29 1998/02/24 00:53:56 deraadt Exp $
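Review bot: In the first hunk (new lines 52-65), the added sentence "An example of where we did this is the lpd advisory from Secure Networks" presents an advisory as the example of a fix, but the example is the problem that the advisory describes. Suggest "An example is the problem described in the lpd advisory from Secure Networks". The added text also does not say which step of the attack had already been fixed; a short clause naming it would let readers check the claim against the advisory.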
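Review bot: In the second hunk (new lines 120-131), the added snapshot item misspells "architecture" as "architecure", and "Install a binary snapshot for your architecture, which are made available fairly often" pairs a singular noun with a plural verb. Suggest "Install a binary snapshot for your architecture; snapshots are made available fairly often." In the same hunk, "stronger security than the previous release" is a clear improvement over the old open-ended wording and needs no change.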