tech-security: Re: NFS file handles are guessable.

Subject: Re: NFS file handles are guessable.
To: Bill Sommerfeld <sommerfeld@orchard.east-arlington.ma.us>
From: Perry E. Metzger <perry@piermont.com>
List: tech-security
Date: 03/10/1997 11:35:15

Bill Sommerfeld writes:
> Quoting from the regulations:
> 
>           c.3. ``Software'' designed or modified to protect against malicious
>       computer damage, e.g., viruses;
> 
> It is not at all clear what this was intended to mean.
> 
> Under a broad interpretation of the regulations, NetBSD (and any other
> OS with a real security model) *without* /dev/random would be
> export-controlled.
> 
> Under a narrow interpretation of the regulations, this would cover
> only virus-scanning software.

1) I believe the broader interpretation was intended.
2) I believe that if the broader interpretation was enforced, we would
   have plenty of pro bono legal help from the best law firms.

Frankly, though, I'm sick of the circus. We have a standing offer from
people in Finland to host the NetBSD master source machine there, in
the free part of the world, so that the U.S. users would only import
NetBSD and never export it. We would scrap our current domestic
distribution and have a unified distribution integrated by people
outside the U.S.  It may be worth our doing so.

Perry