diff --git a/data/auditors.sgml b/data/auditors.sgml
index d95338a7e4..b44065d6b4 100644
--- a/data/auditors.sgml
+++ b/data/auditors.sgml
@@ -1,5 +1,5 @@
 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN" [
-<!ENTITY date "$Date: 1997-02-18 01:04:17 $">
+<!ENTITY date "$Date: 1997-02-19 13:49:10 $">
 <!ENTITY title "FreeBSD Auditing Project">
 <!ENTITY % includes SYSTEM "includes.sgml"> %includes;
 ]>
@@ -14,7 +14,7 @@
 
 <H1>General Information</H1>
 
-<em>Last Updated: $Date: 1997-02-18 01:04:17 $ </em>
+<em>Last Updated: $Date: 1997-02-19 13:49:10 $ </em>
 
 <H2>Overview</H2>
 
@@ -84,9 +84,11 @@ into the <strong>2.1</strong> and <strong>2.2</strong> branches.
 complex that I have turned it into a <a href="security.html">FreeBSD
 Security Guide</a>.  Please read this now if you haven't already.
 
-Another excellent document is the <a
+Other excellent documents are the <a
 href="ftp://ftp.auscert.org.au/pub/auscert/papers/secure_programming_checklist">
-Secure Programming Checklist</a>, available from AUSCERT.
+Secure Programming Checklist</a> and the <a
+href="ftp://ftp.auscert.org.au/pub/auscert/papers/unix_security_checklist">
+Unix Security Checklist</a>, both available from AUSCERT.
 
 <H2>Sign-Up sheet:</H2>
 
@@ -109,24 +111,126 @@ auditors will be assuming that the other 10 items are handled!</P>
 To sign up for something, please send mail to <a
 href="mailto:jkh@FreeBSD.org"> jkh@FreeBSD.org</a>.
 
-<P>
-<TABLE border=2 cellpadding=3>
-<TR><TH>Module</TH>		<TH>Auditor(s)</TH>	<TH>Reviewer(s)</TH> <TH>Status</TH>
-<TR><TD>lib</TD>		<TD>pst,ak</TD>		<TD>jkh,dg,gvr,imp</TD>	<TD>gvr</TD>
-<TR><TD>libc</TD>		<TD>ee</TD>		<TD>gvr</TD>	<TD>Open</TD>
-<TR><TD>libdisk</TD>		<TD>open</TD>		<TD>phk,gvr</TD>	<TD>Open</TD>
-<TR><TD>libexec</TD>		<TD>imp,crh,ee,witr</TD>	<TD>gvr</TD>	<TD>Open</TD>
-<TR><TD>telnetd</TD>		<TD>ac,dn</TD>		<TD>imp,gvr</TD>	<TD>Open</TD>
-<TR><TD>bin</TD>		<TD>ac,gvr,ee</TD>	<TD>imp,md,gvr</TD>	<TD>Open</TD>
-<TR><TD>sbin</TD>		<TD>taob,imp,ee,or</TD>	<TD>md,gvr</TD>	<TD>Open</TD>
-<TR><TD>usr.sbin</TD>		<TD>imp,rd,marc,ee,ejc,jm</TD>	<TD>md,gvr</TD>	<TD>Open</TD>
-<TR><TD>usr.bin</TD>		<TD>rb,rjk,rd,jha,ee,ky,bob,jm</TD>	<TD>md,gvr</TD>	<TD>Open</TD>
-<TR><TD>eBones</TD>		<TD>mrvm</TD>		<TD>gvr</TD>	<TD>Open</TD>
-<TR><TD>secure</TD>		<TD>mrvm,dc</TD>		<TD>gvr</TD>	<TD>Open</TD>
-<TR><TD>games</TD>		<TD>xaa,ab,ee</TD>		<TD>gvr</TD>	<TD>Open</TD>
-<TR><TD>lkm</TD>		<TD>dob</TD>		<TD>gvr</TD>	<TD>Open</TD>
-<TR><TD>release</TD>		<TD>open</TD>		<TD>gvr</TD>	<TD>Open</TD>
-<TR><TD>contrib</TD>		<TD>cg</TD>		<TD>gvr</TD>	<TD>Open</TD>
+<P></P><TABLE BORDER="2" CELLPADDING="3">
+<TR><TH>Module</TH><TH>Auditor(s)</TH><TH>Reviewer(s)</TH>
+<TH>Status</TH></TR>
+<TR><TD><A HREF="mailto:audit-bin@FreeBSD.ORG">bin</A></TD>
+<TD>
+<A HREF="mailto:adrian@psinet.net.au">ac</A>
+<A HREF="mailto:eivind@FreeBSD.org">ee</A>
+<A HREF="mailto:guido@FreeBSD.org">gvr*</A>
+<A HREF="mailto:jehamby@lightside.com">jh</A>
+<A HREF="mailto:top@bird.cris.net">ka</A>
+<A HREF="mailto:mudge@l0pht.com">mu</A>
+<A HREF="mailto:vadim@tversu.ac.ru">vk</A>
+</TD>
+<TD><A HREF="mailto:imp@FreeBSD.org">imp*</A> <A HREF="mailto:dillon@best.net">md</A> <A HREF="mailto: guido@FreeBSD.org">gvr*</A> </TD>
+<TD>Open</TD>
+<TR><TD><A HREF="mailto:audit-contrib@FreeBSD.ORG">contrib</A></TD>
+<TD>
+<A HREF="mailto:gryphon@healer.com">cg</A>
+</TD>
+<TD><A HREF="mailto: guido@FreeBSD.org">gvr*</A> </TD>
+<TD>Open</TD>
+<TR><TD><A HREF="mailto:audit-eBones@FreeBSD.ORG">eBones</A></TD>
+<TD>
+<A HREF="mailto:mark@grondar.za">mrvm*</A>
+</TD>
+<TD><A HREF="mailto: guido@FreeBSD.org">gvr*</A> </TD>
+<TD>Open</TD>
+<TR><TD><A HREF="mailto:audit-games@FreeBSD.ORG">games</A></TD>
+<TD>
+<A HREF="mailto:aaronb@j51.com">ab</A>
+<A HREF="mailto:eivind@FreeBSD.org">ee</A>
+<A HREF="mailto:xaa@stack.nl">xaa</A>
+</TD>
+<TD><A HREF="mailto: guido@FreeBSD.org">gvr*</A> </TD>
+<TD>Open</TD>
+<TR><TD><A HREF="mailto:audit-init@FreeBSD.ORG">init</A></TD>
+<TD>
+<A HREF="mailto:giles@nemeton.com.au">gl</A>
+</TD>
+<TD><A HREF="mailto: guido@FreeBSD.org">gvr*</A> </TD>
+<TD>Open</TD>
+<TR><TD><A HREF="mailto:audit-lib@FreeBSD.ORG">lib</A></TD>
+<TD>
+<A HREF="mailto:apk@itl.waw.pl">ak</A>
+<A HREF="mailto:nordquist@platinum.com">bjn</A>
+<A HREF="mailto:pst@FreeBSD.org">pst*</A>
+</TD>
+<TD><A HREF="mailto:davidg@FreeBSD.org">dg*</A> <A HREF="mailto:imp@FreeBSD.org">imp*</A> <A HREF="mailto:jkh@FreeBSD.org">jkh*</A> <A HREF="mailto: guido@FreeBSD.org">gvr*</A> </TD>
+<TD>Open</TD>
+<TR><TD><A HREF="mailto:audit-libc@FreeBSD.ORG">libc</A></TD>
+<TD>
+<A HREF="mailto:eivind@FreeBSD.org">ee</A>
+<A HREF="mailto:mudge@l0pht.com">mu</A>
+</TD>
+<TD><A HREF="mailto: guido@FreeBSD.org">gvr*</A> </TD>
+<TD>Open</TD>
+<TR><TD><A HREF="mailto:audit-libexec@FreeBSD.ORG">libexec</A></TD>
+<TD>
+<A HREF="mailto:henrich@crh.cl.msu.edu">crh</A>
+<A HREF="mailto:eivind@FreeBSD.org">ee</A>
+<A HREF="mailto:imp@FreeBSD.org">imp*</A>
+<A HREF="mailto:witr@rwwa.com">witr</A>
+</TD>
+<TD><A HREF="mailto: guido@FreeBSD.org">gvr*</A> </TD>
+<TD>Open</TD>
+<TR><TD><A HREF="mailto:audit-lkm@FreeBSD.ORG">lkm</A></TD>
+<TD>
+<A HREF="mailto:obrien@NUXI.com">dob</A>
+</TD>
+<TD><A HREF="mailto: guido@FreeBSD.org">gvr*</A> </TD>
+<TD>Open</TD>
+<TR><TD><A HREF="mailto:audit-sbin@FreeBSD.ORG">sbin</A></TD>
+<TD>
+<A HREF="mailto:eivind@FreeBSD.org">ee</A>
+<A HREF="mailto:imp@FreeBSD.org">imp*</A>
+<A HREF="mailto:roberto@keltia.freenix.fr">or*</A>
+<A HREF="mailto:taob@risc.org">tao</A>
+</TD>
+<TD><A HREF="mailto:dillon@best.net">md</A> <A HREF="mailto: guido@FreeBSD.org">gvr*</A> </TD>
+<TD>Open</TD>
+<TR><TD><A HREF="mailto:audit-secure@FreeBSD.ORG">secure</A></TD>
+<TD>
+<A HREF="mailto:tenser@spitfire.ecsel.psu.edu">dc</A>
+<A HREF="mailto:mark@grondar.za">mrvm*</A>
+</TD>
+<TD><A HREF="mailto: guido@FreeBSD.org">gvr*</A> </TD>
+<TD>Open</TD>
+<TR><TD><A HREF="mailto:audit-telnetd@FreeBSD.ORG">telnetd</A></TD>
+<TD>
+<A HREF="mailto:adrian@psinet.net.au">ac</A>
+<A HREF="mailto:davidn@labs.usn.blaze.net.au">dn</A>
+</TD>
+<TD><A HREF="mailto:imp@FreeBSD.org">imp*</A> <A HREF="mailto: guido@FreeBSD.org">gvr*</A> </TD>
+<TD>Open</TD>
+<TR><TD><A HREF="mailto:audit-usr.bin@FreeBSD.ORG">usr.bin</A></TD>
+<TD>
+<A HREF="mailto:bob@luke.pmr.com">bob</A>
+<A HREF="mailto:eivind@FreeBSD.org">ee</A>
+<A HREF="mailto:jha@cs.purdue.edu">jha</A>
+<A HREF="mailto:mollers.pad@sni.de">jm</A>
+<A HREF="mailto:yokota@zodiac.mech.utsunomiya-u.ac.jp">ky*</A>
+<A HREF="mailto:rbezuide@oskar.nanoteq.co.za">rb</A>
+<A HREF="mailto:rajivd@sprynet.com">rd</A>
+<A HREF="mailto:rjk@grauel.com">rjk</A>
+<A HREF="mailto:vadim@tversu.ac.ru">vk</A>
+</TD>
+<TD><A HREF="mailto:dillon@best.net">md</A> <A HREF="mailto: guido@FreeBSD.org">gvr*</A> </TD>
+<TD>Open</TD>
+<TR><TD><A HREF="mailto:audit-usr.sbin@FreeBSD.ORG">usr.sbin</A></TD>
+<TD>
+<A HREF="mailto:eivind@FreeBSD.org">ee</A>
+<A HREF="mailto:ejc@gargoyle.bazzle.com">ejc</A>
+<A HREF="mailto:giles@nemeton.com.au">gl</A>
+<A HREF="mailto:imp@FreeBSD.org">imp*</A>
+<A HREF="mailto:mollers.pad@sni.de">jm</A>
+<A HREF="mailto:marcs@znep.com">marc</A>
+<A HREF="mailto:rajivd@sprynet.com">rd</A>
+</TD>
+<TD><A HREF="mailto:dillon@best.net">md</A> <A HREF="mailto: guido@FreeBSD.org">gvr*</A> </TD>
+<TD>Open</TD>
 </TABLE>
 
 <H2>Auditor/Reviewer keys</H2>
@@ -141,65 +245,187 @@ reach just the auditors & reviewers for a specific category, say
 <a href="mailto:audit-usr.sbin@FreeBSD.org">
 audit-<strong>usr.sbin</strong>@FreeBSD.org</a>.</P>
 
-<TABLE cellpadding=2>
-<TR><TH>Key</TH>	<TH>Auditor/Reviewer Name and Email address</TH>
-<TR><TD>ab</TD>		<TD>Aaron Bornstein <a href="mailto:aaronb@j51.com">aaronb@j51.com</a></TD>
-<TR><TD>ac</TD>		<TD>Adrian Chadd <a href="mailto:adrian@psinet.net.au">adrian@psinet.net.au</a></TD>
-<TR><TD>ak</TD>		<TD>Adam Kubicki <a href="mailto:apk@itl.waw.pl">apk@itl.waw.pl</a></TD>
-<TR><TD>am</TD>		<TD>Albert Mietus <a href="mailto:albert@gamp.hacom.nl">albert@gamp.hacom.nl</a></TD>
-<TR><TD>avk</TD>	<TD>Alexander V. Kalganov <a href="mailto:top@sonic.cris.net">top@sonic.cris.net</a></TD>
-<TR><TD>bb</TD>		<TD>Bob Bishop <a href="mailto:rb@gid.co.uk">rb@gid.co.uk</a></TD>
-<TR><TD>bob</TD>	<TD>Bob Willcox <a href="mailto:bob@luke.pmr.com">bob@luke.pmr.com</a></TD>
-<TR><TD>btm</TD>	<TD>Brian T. Michely <a href="mailto:brianm@cmhcsys.com">brianm@cmhcsys.com</a></TD>
-<TR><TD>cg</TD>		<TD>Coranth Gryphon <a href="mailto:gryphon@healer.com">gryphon@healer.com</a></TD>
-<TR><TD>cl</TD>		<TD>Chris Lambertus <a href="mailto:cmlambertus@ucdavis.edu">cmlambertus@ucdavis.edu</a></TD>
-<TR><TD>crh</TD>	<TD>Charles Henrich <a href="mailto:henrich@crh.cl.msu.edu">henrich@crh.cl.msu.edu</a></TD>
-<TR><TD>dc</TD>		<TD>Dan Cross <a href="mailto:tenser@spitfire.ecsel.psu.edu">tenser@spitfire.ecsel.psu.edu</a></TD>
-<TR><TD>dg*</TD>	<TD>David Greenman <a href="mailto:davidg@FreeBSD.org">davidg@FreeBSD.org</a></TD>
-<TR><TD>din</TD>	<TD>Dinesh Nair <a href="mailto:dinesh@alphaque.com">dinesh@alphaque.com</a></TD>
-<TR><TD>dn</TD>		<TD>David Nugent <a href="mailto:davidn@labs.usn.blaze.net.au">davidn@labs.usn.blaze.net.au</a></TD>
-<TR><TD>dob*</TD>	<TD>David E. O'Brien <a href="mailto:obrien@FreeBSD.org">obrien@FreeBSD.org</a></TD>
-<TR><TD>dz</TD>		<TD>Danny J. Zerkel <a href="mailto:dzerkel@phofarm.com">dzerkel@phofarm.com</a></TD>
-<TR><TD>ee</TD>		<TD>Eivind Eklund <a href="mailto:eivind@FreeBSD.org">eivind@FreeBSD.org</a></TD>
-<TR><TD>eh</TD>		<TD>Elijah Hempstone <a href="mailto:avatar@gandalf.bss.sol.net">avatar@gandalf.bss.sol.net</a></TD>
-<TR><TD>eh</TD>		<TD>Ernest Hua <a href="mailto:hua@chromatic.com">hua@chromatic.com</a></TD>
-<TR><TD>ejc</TD>	<TD>Eric J. Chet <a href="mailto:ejc@gargoyle.bazzle.com">ejc@gargoyle.bazzle.com</a></TD>
-<TR><TD>gl</TD>		<TD>Giles Lean <a href="mailto:giles@nemeton.com.au">giles@nemeton.com.au</a></TD>
-<TR><TD>gvr*</TD>	<TD>Guido van Rooij <a href="mailto:guido@FreeBSD.org">guido@FreeBSD.org</a></TD>
-<TR><TD>gw</TD>		<TD>Graham Wheeler <a href="mailto:gram@oms.co.za">gram@oms.co.za</a></TD>
-<TR><TD>imp*</TD>	<TD>Warner Losh <a href="mailto:imp@FreeBSD.org">imp@FreeBSD.org</a></TD>
-<TR><TD>jb</TD>		<TD>Jim Bresler <a href="mailto:jfb11@inlink.com">jfb11@inlink.com</a></TD>
-<TR><TD>jha</TD>	<TD>John H. Aughey <a href="mailto:jha@cs.purdue.edu">jha@cs.purdue.edu</a></TD>
-<TR><TD>jk</TD>		<TD>Jerry Kendall <a href="mailto:Jerry@kcis.com">Jerry@kcis.com</a></TD>
-<TR><TD>jkh*</TD>	<TD>Jordan K. Hubbard <a href="mailto:jkh@FreeBSD.org">jkh@FreeBSD.org</a></TD>
-<TR><TD>jm</TD>		<TD>Josef Moellers <a href="mailto:mollers.pad@sni.de">mollers.pad@sni.de</a></TD>
-<TR><TD>jmb*</TD>	<TD>Jonathan M. Bresler <a href="mailto:jmb@FreeBSD.org">jmb@FreeBSD.org</a></TD>
-<TR><TD>joe*</TD>	<TD>Joe Greco <a href="mailto:jgreco@solaria.sol.net">jgreco@solaria.sol.net</a></TD>
-<TR><TD>ki</TD>		<TD>Kenneth Ingham <a href="mailto:ingham@i-pi.com">ingham@i-pi.com</a></TD>
-<TR><TD>ky*</TD>	<TD>Kazutaka YOKOTA <a href="mailto:yokota@zodiac.mech.utsunomiya-u.ac.jp">yokota@zodiac.mech.utsunomiya-u.ac.jp</a></TD>
-<TR><TD>marc</TD>	<TD>Marc Slemko <a href="mailto:marcs@znep.com">marcs@znep.com</a></TD>
-<TR><TD>md</TD>		<TD>Matt Dillon <a href="mailto:dillon@best.net">dillon@best.net</a></TD>
-<TR><TD>mr</TD>		<TD>Mike Romaniw <a href="mailto:msr@cuc.com">msr@cuc.com</a></TD>
-<TR><TD>mrvm*</TD>	<TD>Mark Murray <a href="mailto:mark@grondar.za">mark@grondar.za</a></TD>
-<TR><TD>or*</TD>	<TD>Ollivier Robert <a href="mailto:roberto@keltia.freenix.fr">roberto@keltia.freenix.fr</a></TD>
-<TR><TD>pb</TD>		<TD>Peter Blake <a href="mailto:ppb@baloo.tcp.co.uk">ppb@baloo.tcp.co.uk</a></TD>
-<TR><TD>peter*</TD>	<TD>Peter Wemm <a href="mailto:peter@FreeBSD.org">peter@FreeBSD.org</a>
-<TR><TD>phk*</TD>	<TD>Poul-Henning Kamp <a href="mailto:phk@FreeBSD.org">phk@FreeBSD.org</a></TD>
-<TR><TD>pst*</TD>	<TD>Paul Traina <a href="mailto:pst@FreeBSD.org">pst@FreeBSD.org</a></TD>
-<TR><TD>rb</TD>		<TD>Reinier Bezuidenhout <a href="mailto:rbezuide@oskar.nanoteq.co.za">rbezuide@oskar.nanoteq.co.za</a></TD>
-<TR><TD>rd</TD>		<TD>Rajiv Dighe <a href="mailto:rajivd@sprynet.com">rajivd@sprynet.com</a></TD>
-<TR><TD>rel</TD>	<TD>Roger Espel Llima <a href="mailto:espel@llaic.univ-bpclermont.fr">espel@llaic.univ-bpclermont.fr</a></TD>
-<TR><TD>rjk</TD>	<TD>Richard J Kuhns <a href="mailto:rjk@grauel.com">rjk@grauel.com</a>
-<TR><TD>rm</TD>		<TD>Robin Melville <a href="mailto:robmel@nadt.org.uk">robmel@nadt.org.uk</a></TD>
-<TR><TD>rs</TD>		<TD>Robert Sexton <a href="mailto:robert@kudra.com">robert@kudra.com</a></TD>
-<TR><TD>sc</TD>		<TD>Sergei Chechetkin <a href="mailto:csl@whale.sunbay.crimea.ua">csl@whale.sunbay.crimea.ua</a></TD>
-<TR><TD>tao</TD>	<TD>Brian Tao <a href="mailto:taob@risc.org">taob@risc.org</a></TD>
-<TR><TD>tdr</TD>	<TD>Thomas David Rivers <a href="mailto:ponds!rivers@dg-rtp.dg.com">ponds!rivers@dg-rtp.dg.com</a></TD>
-<TR><TD>witr</TD>	<TD>Robert Withrow <a href="mailto:witr@rwwa.com">witr@rwwa.com</a></TD>
-<TR><TD>xaa</TD>	<TD>Mark Huizer <a href="mailto:xaa@stack.nl">xaa@stack.nl</a></TD>
+<TABLE CELLPADDING="2"><TR><TH>Key</TH>
+<TH>Auditor/Reviewer Name and Email address</TH></TR>
+<TR><td>ab</TD>
+<TD>Aaron Bornstein <A HREF="mailto:aaronb@j51.com">
+aaronb@j51.com</A></TD></TR>
+<TR><td>ac</TD>
+<TD>Adrian Chadd <A HREF="mailto:adrian@psinet.net.au">
+adrian@psinet.net.au</A></TD></TR>
+<TR><td>ak</TD>
+<TD>Adam Kubicki <A HREF="mailto:apk@itl.waw.pl">
+apk@itl.waw.pl</A></TD></TR>
+<TR><td>am</TD>
+<TD>Albert Mietus <A HREF="mailto:albert@gamp.hacom.nl">
+albert@gamp.hacom.nl</A></TD></TR>
+<TR><td>avk</TD>
+<TD>Alexander V. Kalganov <A HREF="mailto:top@sonic.cris.net">
+top@sonic.cris.net</A></TD></TR>
+<TR><td>bb</TD>
+<TD>Bob Bishop <A HREF="mailto:rb@gid.co.uk">
+rb@gid.co.uk</A></TD></TR>
+<TR><td>bjn</TD>
+<TD>Brent J. Nordquist <A HREF="mailto:nordquist@platinum.com">
+nordquist@platinum.com</A></TD></TR>
+<TR><td>bob</TD>
+<TD>Bob Willcox <A HREF="mailto:bob@luke.pmr.com">
+bob@luke.pmr.com</A></TD></TR>
+<TR><td>btm</TD>
+<TD>Brian T. Michely <A HREF="mailto:brianm@cmhcsys.com">
+brianm@cmhcsys.com</A></TD></TR>
+<TR><td>cg</TD>
+<TD>Coranth Gryphon <A HREF="mailto:gryphon@healer.com">
+gryphon@healer.com</A></TD></TR>
+<TR><td>cl</TD>
+<TD>Chris Lambertus <A HREF="mailto:cmlambertus@ucdavis.edu">
+cmlambertus@ucdavis.edu</A></TD></TR>
+<TR><td>crh</TD>
+<TD>Charles Henrich <A HREF="mailto:henrich@crh.cl.msu.edu">
+henrich@crh.cl.msu.edu</A></TD></TR>
+<TR><td>dc</TD>
+<TD>Dan Cross <A HREF="mailto:tenser@spitfire.ecsel.psu.edu">
+tenser@spitfire.ecsel.psu.edu</A></TD></TR>
+<TR><td>dg*</TD>
+<TD>David Greenman <A HREF="mailto:davidg@FreeBSD.org">
+davidg@FreeBSD.org</A></TD></TR>
+<TR><td>din</TD>
+<TD>Dinesh Nair <A HREF="mailto:dinesh@alphaque.com">
+dinesh@alphaque.com</A></TD></TR>
+<TR><td>dn</TD>
+<TD>David Nugent <A HREF="mailto:davidn@labs.usn.blaze.net.au">
+davidn@labs.usn.blaze.net.au</A></TD></TR>
+<TR><td>dob</TD>
+<TD>David E. O'Brien <A HREF="mailto:obrien@NUXI.com">
+obrien@NUXI.com</A></TD></TR>
+<TR><td>dz</TD>
+<TD>Danny J. Zerkel <A HREF="mailto:dzerkel@phofarm.com">
+dzerkel@phofarm.com</A></TD></TR>
+<TR><td>ee</TD>
+<TD>Eivind Eklund <A HREF="mailto:eivind@FreeBSD.org">
+eivind@FreeBSD.org</A></TD></TR>
+<TR><td>eh</TD>
+<TD>Elijah Hempstone <A HREF="mailto:avatar@gandalf.bss.sol.net">
+avatar@gandalf.bss.sol.net</A></TD></TR>
+<TR><td>ehu</TD>
+<TD>Ernest Hua <A HREF="mailto:hua@chromatic.com">
+hua@chromatic.com</A></TD></TR>
+<TR><td>ejc</TD>
+<TD>Eric J. Chet <A HREF="mailto:ejc@gargoyle.bazzle.com">
+ejc@gargoyle.bazzle.com</A></TD></TR>
+<TR><td>gl</TD>
+<TD>Giles Lean <A HREF="mailto:giles@nemeton.com.au">
+giles@nemeton.com.au</A></TD></TR>
+<TR><td>gvr*</TD>
+<TD>Guido van Rooij <A HREF="mailto:guido@FreeBSD.org">
+guido@FreeBSD.org</A></TD></TR>
+<TR><td>gw</TD>
+<TD>Graham Wheeler <A HREF="mailto:gram@oms.co.za">
+gram@oms.co.za</A></TD></TR>
+<TR><td>imp*</TD>
+<TD>Warner Losh <A HREF="mailto:imp@FreeBSD.org">
+imp@FreeBSD.org</A></TD></TR>
+<TR><td>jb</TD>
+<TD>Jim Bresler <A HREF="mailto:jfb11@inlink.com">
+jfb11@inlink.com</A></TD></TR>
+<TR><td>jh</TD>
+<TD>Jake Hamby <A HREF="mailto:jehamby@lightside.com">
+jehamby@lightside.com</A></TD></TR>
+<TR><td>jha</TD>
+<TD>John H. Aughey <A HREF="mailto:jha@cs.purdue.edu">
+jha@cs.purdue.edu</A></TD></TR>
+<TR><td>jk</TD>
+<TD>Jerry Kendall <A HREF="mailto:Jerry@kcis.com">
+Jerry@kcis.com</A></TD></TR>
+<TR><td>jkh*</TD>
+<TD>Jordan K. Hubbard <A HREF="mailto:jkh@FreeBSD.org">
+jkh@FreeBSD.org</A></TD></TR>
+<TR><td>jm</TD>
+<TD>Josef Moellers <A HREF="mailto:mollers.pad@sni.de">
+mollers.pad@sni.de</A></TD></TR>
+<TR><td>jmb*</TD>
+<TD>Jonathan M. Bresler <A HREF="mailto:jmb@FreeBSD.org">
+jmb@FreeBSD.org</A></TD></TR>
+<TR><td>joe*</TD>
+<TD>Joe Greco <A HREF="mailto:jgreco@solaria.sol.net">
+jgreco@solaria.sol.net</A></TD></TR>
+<TR><td>ka</TD>
+<TD>Kalganov Alexander <A HREF="mailto:top@bird.cris.net">
+top@bird.cris.net</A></TD></TR>
+<TR><td>ki</TD>
+<TD>Kenneth Ingham <A HREF="mailto:ingham@i-pi.com">
+ingham@i-pi.com</A></TD></TR>
+<TR><td>ky*</TD>
+<TD>Kazutaka YOKOTA <A HREF="mailto:yokota@zodiac.mech.utsunomiya-u.ac.jp">
+yokota@zodiac.mech.utsunomiya-u.ac.jp</A></TD></TR>
+<TR><td>marc</TD>
+<TD>Marc Slemko <A HREF="mailto:marcs@znep.com">
+marcs@znep.com</A></TD></TR>
+<TR><td>md</TD>
+<TD>Matt Dillon <A HREF="mailto:dillon@best.net">
+dillon@best.net</A></TD></TR>
+<TR><td>mr</TD>
+<TD>Mike Romaniw <A HREF="mailto:msr@cuc.com">
+msr@cuc.com</A></TD></TR>
+<TR><td>mrvm*</TD>
+<TD>Mark Murray <A HREF="mailto:mark@grondar.za">
+mark@grondar.za</A></TD></TR>
+<TR><td>mu</TD>
+<TD>Mudge <A HREF="mailto:mudge@l0pht.com">
+mudge@l0pht.com</A></TD></TR>
+<TR><td>or*</TD>
+<TD>Ollivier Robert <A HREF="mailto:roberto@keltia.freenix.fr">
+roberto@keltia.freenix.fr</A></TD></TR>
+<TR><td>pb</TD>
+<TD>Peter Blake <A HREF="mailto:ppb@baloo.tcp.co.uk">
+ppb@baloo.tcp.co.uk</A></TD></TR>
+<TR><td>peter*</TD>
+<TD>Peter Wemm <A HREF="mailto:peter@FreeBSD.org">
+peter@FreeBSD.org</A></TD></TR>
+<TR><td>phk*</TD>
+<TD>Poul-Henning Kamp <A HREF="mailto:phk@FreeBSD.org">
+phk@FreeBSD.org</A></TD></TR>
+<TR><td>pst*</TD>
+<TD>Paul Traina <A HREF="mailto:pst@FreeBSD.org">
+pst@FreeBSD.org</A></TD></TR>
+<TR><td>rb</TD>
+<TD>Reinier Bezuidenhout <A HREF="mailto:rbezuide@oskar.nanoteq.co.za">
+rbezuide@oskar.nanoteq.co.za</A></TD></TR>
+<TR><td>rd</TD>
+<TD>Rajiv Dighe <A HREF="mailto:rajivd@sprynet.com">
+rajivd@sprynet.com</A></TD></TR>
+<TR><td>rel</TD>
+<TD>Roger Espel Llima <A HREF="mailto:espel@llaic.univ-bpclermont.fr">
+espel@llaic.univ-bpclermont.fr</A></TD></TR>
+<TR><td>rjk</TD>
+<TD>Richard J Kuhns <A HREF="mailto:rjk@grauel.com">
+rjk@grauel.com</A></TD></TR>
+<TR><td>rm</TD>
+<TD>Robin Melville <A HREF="mailto:robmel@nadt.org.uk">
+robmel@nadt.org.uk</A></TD></TR>
+<TR><td>rs</TD>
+<TD>Robert Sexton <A HREF="mailto:robert@kudra.com">
+robert@kudra.com</A></TD></TR>
+<TR><td>sc</TD>
+<TD>Sergei Chechetkin <A HREF="mailto:csl@whale.sunbay.crimea.ua">
+csl@whale.sunbay.crimea.ua</A></TD></TR>
+<TR><td>tao</TD>
+<TD>Brian Tao <A HREF="mailto:taob@risc.org">
+taob@risc.org</A></TD></TR>
+<TR><td>tdr</TD>
+<TD>Thomas David Rivers <A HREF="mailto:ponds!rivers@dg-rtp.dg.com">
+ponds!rivers@dg-rtp.dg.com</A></TD></TR>
+<TR><td>vk</TD>
+<TD>Vadim Kolontsov <A HREF="mailto:vadim@tversu.ac.ru">
+vadim@tversu.ac.ru</A></TD></TR>
+<TR><td>witr</TD>
+<TD>Robert Withrow <A HREF="mailto:witr@rwwa.com">
+witr@rwwa.com</A></TD></TR>
+<TR><td>xaa</TD>
+<TD>Mark Huizer <A HREF="mailto:xaa@stack.nl">
+xaa@stack.nl</A></TD></TR>
 </TABLE>
-
-<h3>* = Has CVS commit privileges.</h3>
+<H3>* = Has CVS commit privileges.</H3>
 
 &footer;
 </BODY>
diff --git a/data/security.sgml b/data/security.sgml
index 723a5b6b21..e37bf27861 100644
--- a/data/security.sgml
+++ b/data/security.sgml
@@ -1,5 +1,5 @@
 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN" [
-<!ENTITY date "$Date: 1997-02-15 13:28:51 $">
+<!ENTITY date "$Date: 1997-02-19 13:49:11 $">
 <!ENTITY title "FreeBSD Security Guide">
 <!ENTITY % includes SYSTEM "includes.sgml"> %includes;
 ]>
@@ -14,7 +14,7 @@
 
 <H1>FreeBSD Security Guide</H1>
 
-<em>Last Updated: $Date: 1997-02-15 13:28:51 $ </em>
+<em>Last Updated: $Date: 1997-02-19 13:49:11 $ </em>
 
 <P>This guide attempts to document some of the tips and tricks used by
 many FreeBSD security experts for securing systems and writing secure
@@ -24,16 +24,20 @@ if and when they should happen.  It also lists the various ways in which
 the systems programmer can become more security conscious and less likely
 to introduce security holes in the first place.
 
+<p>We welcome your comments on the contents and correctness of this page.
+Please send email to <a href="mailto:security-officer@freebsd.org">the
+FreeBSD Security Officers</a> if you have changes you'd like to see here.
+
 <H2>How to secure a FreeBSD system:</H2>
 
 <UL>
-<LI>This section needs to be written.
+<LI>XXX This section needs to be written.
 </UL>
 
 <H2>How to recover from a security compromise </H2>
 
 <UL>
-<LI>This section also needs to be written.
+<LI>XXX This section also needs to be written.
 </UL>
 
 <H2>Security Do's and Don'ts for Programmers:</H2>
@@ -50,8 +54,18 @@ to introduce security holes in the first place.
    <LI><A NAME="#rule1_1"></A>strcpy() and sprintf() calls from
    unbounded data.  Use strncpy() and snprintf() when the length is known
    (or implement some other form of bounds-checking when it's not).
+   In fact, never use gets(3) or sprintf(3), period.
 
-   <P><LI><A NAME="#rule1_2"></A>Watch for strvis() and getenv() abuse.
+   <P><LI><A NAME="#rule1_2"></A>Watch for strvis(3) and getenv(3) abuse.
+   strvis() is easy to get the destination string wrong for, and getenv()
+   can return strings much longer than the user might expect - they are
+   one of the key ways an attack is often made on a program, causing it
+   to overwrite stack or variables by setting its environment variables
+   to unexpected values.  If your program reads environment variables,
+   be paranoid!
+
+   <P><LI>Every time you see an open(2) or stat(2) call, ask yourself, "What
+   if it's a symbolic link?"
 
    <P><LI><A NAME="#rule1_3"></A>All uses of mktemp(), tempnam(), mkstemp(),
    etc.; make sure that they use mkstemp() instead.  Also look for races in
@@ -61,6 +75,9 @@ to introduce security holes in the first place.
 	<LI>Creating a directory.  This will either succeed or fail.
 	<LI>Opening a file O_CREAT | O_EXCL
 	</UL>
+   mkstemp(3) properly handles this for you, so all temp files should
+   use mkstemp to guarantee there's no race and that the permissions
+   are right.
 
    <P><LI><A NAME="#rule1_4"></A>If an attacker can force packets to go/come
    from another arbitrary system then that hacker has complete control
@@ -144,6 +161,32 @@ to introduce security holes in the first place.
 
 <P><LI><A NAME="#rule6"></A>Pay special attention to realloc() usage - more
    often than not, it's not done correctly.
+
+<P><LI>When using fixed-size buffers, use sizeof() to prevent lossage when
+   a buffer size is changed but the code which uses it isn't.  For example:
+<LISTING>
+	char buf[1024];
+	struct foo { ... };
+	...
+BAD:
+	xxx(buf, 1024)
+	xxx(yyy, sizeof(struct foo))
+GOOD:
+	xxx(buf, sizeof(buf))
+	xxx(yyy, sizeof(yyy))
+</LISTING>
+
+<P><LI>Every time you see "char foo[###]", check every usage of foo to
+   make sure it can't be overflowed.  If you can't avoid overflow
+   (and cases of this have been seen) then at least malloc the buffer
+   so you can't walk on the stack.
+
+<P><LI>Always close file descriptors as soon as you can -- this makes it
+   more likely that the stdio buffer contents will be discarded.  In
+   library routines, always set any file descriptors that you open to
+   close-on-exec.
+
+<P>
 </UL>
 
 &footer;
diff --git a/en/auditors.sgml b/en/auditors.sgml
index d95338a7e4..b44065d6b4 100644
--- a/en/auditors.sgml
+++ b/en/auditors.sgml
@@ -1,5 +1,5 @@
 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN" [
-<!ENTITY date "$Date: 1997-02-18 01:04:17 $">
+<!ENTITY date "$Date: 1997-02-19 13:49:10 $">
 <!ENTITY title "FreeBSD Auditing Project">
 <!ENTITY % includes SYSTEM "includes.sgml"> %includes;
 ]>
@@ -14,7 +14,7 @@
 
 <H1>General Information</H1>
 
-<em>Last Updated: $Date: 1997-02-18 01:04:17 $ </em>
+<em>Last Updated: $Date: 1997-02-19 13:49:10 $ </em>
 
 <H2>Overview</H2>
 
@@ -84,9 +84,11 @@ into the <strong>2.1</strong> and <strong>2.2</strong> branches.
 complex that I have turned it into a <a href="security.html">FreeBSD
 Security Guide</a>.  Please read this now if you haven't already.
 
-Another excellent document is the <a
+Other excellent documents are the <a
 href="ftp://ftp.auscert.org.au/pub/auscert/papers/secure_programming_checklist">
-Secure Programming Checklist</a>, available from AUSCERT.
+Secure Programming Checklist</a> and the <a
+href="ftp://ftp.auscert.org.au/pub/auscert/papers/unix_security_checklist">
+Unix Security Checklist</a>, both available from AUSCERT.
 
 <H2>Sign-Up sheet:</H2>
 
@@ -109,24 +111,126 @@ auditors will be assuming that the other 10 items are handled!</P>
 To sign up for something, please send mail to <a
 href="mailto:jkh@FreeBSD.org"> jkh@FreeBSD.org</a>.
 
-<P>
-<TABLE border=2 cellpadding=3>
-<TR><TH>Module</TH>		<TH>Auditor(s)</TH>	<TH>Reviewer(s)</TH> <TH>Status</TH>
-<TR><TD>lib</TD>		<TD>pst,ak</TD>		<TD>jkh,dg,gvr,imp</TD>	<TD>gvr</TD>
-<TR><TD>libc</TD>		<TD>ee</TD>		<TD>gvr</TD>	<TD>Open</TD>
-<TR><TD>libdisk</TD>		<TD>open</TD>		<TD>phk,gvr</TD>	<TD>Open</TD>
-<TR><TD>libexec</TD>		<TD>imp,crh,ee,witr</TD>	<TD>gvr</TD>	<TD>Open</TD>
-<TR><TD>telnetd</TD>		<TD>ac,dn</TD>		<TD>imp,gvr</TD>	<TD>Open</TD>
-<TR><TD>bin</TD>		<TD>ac,gvr,ee</TD>	<TD>imp,md,gvr</TD>	<TD>Open</TD>
-<TR><TD>sbin</TD>		<TD>taob,imp,ee,or</TD>	<TD>md,gvr</TD>	<TD>Open</TD>
-<TR><TD>usr.sbin</TD>		<TD>imp,rd,marc,ee,ejc,jm</TD>	<TD>md,gvr</TD>	<TD>Open</TD>
-<TR><TD>usr.bin</TD>		<TD>rb,rjk,rd,jha,ee,ky,bob,jm</TD>	<TD>md,gvr</TD>	<TD>Open</TD>
-<TR><TD>eBones</TD>		<TD>mrvm</TD>		<TD>gvr</TD>	<TD>Open</TD>
-<TR><TD>secure</TD>		<TD>mrvm,dc</TD>		<TD>gvr</TD>	<TD>Open</TD>
-<TR><TD>games</TD>		<TD>xaa,ab,ee</TD>		<TD>gvr</TD>	<TD>Open</TD>
-<TR><TD>lkm</TD>		<TD>dob</TD>		<TD>gvr</TD>	<TD>Open</TD>
-<TR><TD>release</TD>		<TD>open</TD>		<TD>gvr</TD>	<TD>Open</TD>
-<TR><TD>contrib</TD>		<TD>cg</TD>		<TD>gvr</TD>	<TD>Open</TD>
+<P></P><TABLE BORDER="2" CELLPADDING="3">
+<TR><TH>Module</TH><TH>Auditor(s)</TH><TH>Reviewer(s)</TH>
+<TH>Status</TH></TR>
+<TR><TD><A HREF="mailto:audit-bin@FreeBSD.ORG">bin</A></TD>
+<TD>
+<A HREF="mailto:adrian@psinet.net.au">ac</A>
+<A HREF="mailto:eivind@FreeBSD.org">ee</A>
+<A HREF="mailto:guido@FreeBSD.org">gvr*</A>
+<A HREF="mailto:jehamby@lightside.com">jh</A>
+<A HREF="mailto:top@bird.cris.net">ka</A>
+<A HREF="mailto:mudge@l0pht.com">mu</A>
+<A HREF="mailto:vadim@tversu.ac.ru">vk</A>
+</TD>
+<TD><A HREF="mailto:imp@FreeBSD.org">imp*</A> <A HREF="mailto:dillon@best.net">md</A> <A HREF="mailto: guido@FreeBSD.org">gvr*</A> </TD>
+<TD>Open</TD>
+<TR><TD><A HREF="mailto:audit-contrib@FreeBSD.ORG">contrib</A></TD>
+<TD>
+<A HREF="mailto:gryphon@healer.com">cg</A>
+</TD>
+<TD><A HREF="mailto: guido@FreeBSD.org">gvr*</A> </TD>
+<TD>Open</TD>
+<TR><TD><A HREF="mailto:audit-eBones@FreeBSD.ORG">eBones</A></TD>
+<TD>
+<A HREF="mailto:mark@grondar.za">mrvm*</A>
+</TD>
+<TD><A HREF="mailto: guido@FreeBSD.org">gvr*</A> </TD>
+<TD>Open</TD>
+<TR><TD><A HREF="mailto:audit-games@FreeBSD.ORG">games</A></TD>
+<TD>
+<A HREF="mailto:aaronb@j51.com">ab</A>
+<A HREF="mailto:eivind@FreeBSD.org">ee</A>
+<A HREF="mailto:xaa@stack.nl">xaa</A>
+</TD>
+<TD><A HREF="mailto: guido@FreeBSD.org">gvr*</A> </TD>
+<TD>Open</TD>
+<TR><TD><A HREF="mailto:audit-init@FreeBSD.ORG">init</A></TD>
+<TD>
+<A HREF="mailto:giles@nemeton.com.au">gl</A>
+</TD>
+<TD><A HREF="mailto: guido@FreeBSD.org">gvr*</A> </TD>
+<TD>Open</TD>
+<TR><TD><A HREF="mailto:audit-lib@FreeBSD.ORG">lib</A></TD>
+<TD>
+<A HREF="mailto:apk@itl.waw.pl">ak</A>
+<A HREF="mailto:nordquist@platinum.com">bjn</A>
+<A HREF="mailto:pst@FreeBSD.org">pst*</A>
+</TD>
+<TD><A HREF="mailto:davidg@FreeBSD.org">dg*</A> <A HREF="mailto:imp@FreeBSD.org">imp*</A> <A HREF="mailto:jkh@FreeBSD.org">jkh*</A> <A HREF="mailto: guido@FreeBSD.org">gvr*</A> </TD>
+<TD>Open</TD>
+<TR><TD><A HREF="mailto:audit-libc@FreeBSD.ORG">libc</A></TD>
+<TD>
+<A HREF="mailto:eivind@FreeBSD.org">ee</A>
+<A HREF="mailto:mudge@l0pht.com">mu</A>
+</TD>
+<TD><A HREF="mailto: guido@FreeBSD.org">gvr*</A> </TD>
+<TD>Open</TD>
+<TR><TD><A HREF="mailto:audit-libexec@FreeBSD.ORG">libexec</A></TD>
+<TD>
+<A HREF="mailto:henrich@crh.cl.msu.edu">crh</A>
+<A HREF="mailto:eivind@FreeBSD.org">ee</A>
+<A HREF="mailto:imp@FreeBSD.org">imp*</A>
+<A HREF="mailto:witr@rwwa.com">witr</A>
+</TD>
+<TD><A HREF="mailto: guido@FreeBSD.org">gvr*</A> </TD>
+<TD>Open</TD>
+<TR><TD><A HREF="mailto:audit-lkm@FreeBSD.ORG">lkm</A></TD>
+<TD>
+<A HREF="mailto:obrien@NUXI.com">dob</A>
+</TD>
+<TD><A HREF="mailto: guido@FreeBSD.org">gvr*</A> </TD>
+<TD>Open</TD>
+<TR><TD><A HREF="mailto:audit-sbin@FreeBSD.ORG">sbin</A></TD>
+<TD>
+<A HREF="mailto:eivind@FreeBSD.org">ee</A>
+<A HREF="mailto:imp@FreeBSD.org">imp*</A>
+<A HREF="mailto:roberto@keltia.freenix.fr">or*</A>
+<A HREF="mailto:taob@risc.org">tao</A>
+</TD>
+<TD><A HREF="mailto:dillon@best.net">md</A> <A HREF="mailto: guido@FreeBSD.org">gvr*</A> </TD>
+<TD>Open</TD>
+<TR><TD><A HREF="mailto:audit-secure@FreeBSD.ORG">secure</A></TD>
+<TD>
+<A HREF="mailto:tenser@spitfire.ecsel.psu.edu">dc</A>
+<A HREF="mailto:mark@grondar.za">mrvm*</A>
+</TD>
+<TD><A HREF="mailto: guido@FreeBSD.org">gvr*</A> </TD>
+<TD>Open</TD>
+<TR><TD><A HREF="mailto:audit-telnetd@FreeBSD.ORG">telnetd</A></TD>
+<TD>
+<A HREF="mailto:adrian@psinet.net.au">ac</A>
+<A HREF="mailto:davidn@labs.usn.blaze.net.au">dn</A>
+</TD>
+<TD><A HREF="mailto:imp@FreeBSD.org">imp*</A> <A HREF="mailto: guido@FreeBSD.org">gvr*</A> </TD>
+<TD>Open</TD>
+<TR><TD><A HREF="mailto:audit-usr.bin@FreeBSD.ORG">usr.bin</A></TD>
+<TD>
+<A HREF="mailto:bob@luke.pmr.com">bob</A>
+<A HREF="mailto:eivind@FreeBSD.org">ee</A>
+<A HREF="mailto:jha@cs.purdue.edu">jha</A>
+<A HREF="mailto:mollers.pad@sni.de">jm</A>
+<A HREF="mailto:yokota@zodiac.mech.utsunomiya-u.ac.jp">ky*</A>
+<A HREF="mailto:rbezuide@oskar.nanoteq.co.za">rb</A>
+<A HREF="mailto:rajivd@sprynet.com">rd</A>
+<A HREF="mailto:rjk@grauel.com">rjk</A>
+<A HREF="mailto:vadim@tversu.ac.ru">vk</A>
+</TD>
+<TD><A HREF="mailto:dillon@best.net">md</A> <A HREF="mailto: guido@FreeBSD.org">gvr*</A> </TD>
+<TD>Open</TD>
+<TR><TD><A HREF="mailto:audit-usr.sbin@FreeBSD.ORG">usr.sbin</A></TD>
+<TD>
+<A HREF="mailto:eivind@FreeBSD.org">ee</A>
+<A HREF="mailto:ejc@gargoyle.bazzle.com">ejc</A>
+<A HREF="mailto:giles@nemeton.com.au">gl</A>
+<A HREF="mailto:imp@FreeBSD.org">imp*</A>
+<A HREF="mailto:mollers.pad@sni.de">jm</A>
+<A HREF="mailto:marcs@znep.com">marc</A>
+<A HREF="mailto:rajivd@sprynet.com">rd</A>
+</TD>
+<TD><A HREF="mailto:dillon@best.net">md</A> <A HREF="mailto: guido@FreeBSD.org">gvr*</A> </TD>
+<TD>Open</TD>
 </TABLE>
 
 <H2>Auditor/Reviewer keys</H2>
@@ -141,65 +245,187 @@ reach just the auditors & reviewers for a specific category, say
 <a href="mailto:audit-usr.sbin@FreeBSD.org">
 audit-<strong>usr.sbin</strong>@FreeBSD.org</a>.</P>
 
-<TABLE cellpadding=2>
-<TR><TH>Key</TH>	<TH>Auditor/Reviewer Name and Email address</TH>
-<TR><TD>ab</TD>		<TD>Aaron Bornstein <a href="mailto:aaronb@j51.com">aaronb@j51.com</a></TD>
-<TR><TD>ac</TD>		<TD>Adrian Chadd <a href="mailto:adrian@psinet.net.au">adrian@psinet.net.au</a></TD>
-<TR><TD>ak</TD>		<TD>Adam Kubicki <a href="mailto:apk@itl.waw.pl">apk@itl.waw.pl</a></TD>
-<TR><TD>am</TD>		<TD>Albert Mietus <a href="mailto:albert@gamp.hacom.nl">albert@gamp.hacom.nl</a></TD>
-<TR><TD>avk</TD>	<TD>Alexander V. Kalganov <a href="mailto:top@sonic.cris.net">top@sonic.cris.net</a></TD>
-<TR><TD>bb</TD>		<TD>Bob Bishop <a href="mailto:rb@gid.co.uk">rb@gid.co.uk</a></TD>
-<TR><TD>bob</TD>	<TD>Bob Willcox <a href="mailto:bob@luke.pmr.com">bob@luke.pmr.com</a></TD>
-<TR><TD>btm</TD>	<TD>Brian T. Michely <a href="mailto:brianm@cmhcsys.com">brianm@cmhcsys.com</a></TD>
-<TR><TD>cg</TD>		<TD>Coranth Gryphon <a href="mailto:gryphon@healer.com">gryphon@healer.com</a></TD>
-<TR><TD>cl</TD>		<TD>Chris Lambertus <a href="mailto:cmlambertus@ucdavis.edu">cmlambertus@ucdavis.edu</a></TD>
-<TR><TD>crh</TD>	<TD>Charles Henrich <a href="mailto:henrich@crh.cl.msu.edu">henrich@crh.cl.msu.edu</a></TD>
-<TR><TD>dc</TD>		<TD>Dan Cross <a href="mailto:tenser@spitfire.ecsel.psu.edu">tenser@spitfire.ecsel.psu.edu</a></TD>
-<TR><TD>dg*</TD>	<TD>David Greenman <a href="mailto:davidg@FreeBSD.org">davidg@FreeBSD.org</a></TD>
-<TR><TD>din</TD>	<TD>Dinesh Nair <a href="mailto:dinesh@alphaque.com">dinesh@alphaque.com</a></TD>
-<TR><TD>dn</TD>		<TD>David Nugent <a href="mailto:davidn@labs.usn.blaze.net.au">davidn@labs.usn.blaze.net.au</a></TD>
-<TR><TD>dob*</TD>	<TD>David E. O'Brien <a href="mailto:obrien@FreeBSD.org">obrien@FreeBSD.org</a></TD>
-<TR><TD>dz</TD>		<TD>Danny J. Zerkel <a href="mailto:dzerkel@phofarm.com">dzerkel@phofarm.com</a></TD>
-<TR><TD>ee</TD>		<TD>Eivind Eklund <a href="mailto:eivind@FreeBSD.org">eivind@FreeBSD.org</a></TD>
-<TR><TD>eh</TD>		<TD>Elijah Hempstone <a href="mailto:avatar@gandalf.bss.sol.net">avatar@gandalf.bss.sol.net</a></TD>
-<TR><TD>eh</TD>		<TD>Ernest Hua <a href="mailto:hua@chromatic.com">hua@chromatic.com</a></TD>
-<TR><TD>ejc</TD>	<TD>Eric J. Chet <a href="mailto:ejc@gargoyle.bazzle.com">ejc@gargoyle.bazzle.com</a></TD>
-<TR><TD>gl</TD>		<TD>Giles Lean <a href="mailto:giles@nemeton.com.au">giles@nemeton.com.au</a></TD>
-<TR><TD>gvr*</TD>	<TD>Guido van Rooij <a href="mailto:guido@FreeBSD.org">guido@FreeBSD.org</a></TD>
-<TR><TD>gw</TD>		<TD>Graham Wheeler <a href="mailto:gram@oms.co.za">gram@oms.co.za</a></TD>
-<TR><TD>imp*</TD>	<TD>Warner Losh <a href="mailto:imp@FreeBSD.org">imp@FreeBSD.org</a></TD>
-<TR><TD>jb</TD>		<TD>Jim Bresler <a href="mailto:jfb11@inlink.com">jfb11@inlink.com</a></TD>
-<TR><TD>jha</TD>	<TD>John H. Aughey <a href="mailto:jha@cs.purdue.edu">jha@cs.purdue.edu</a></TD>
-<TR><TD>jk</TD>		<TD>Jerry Kendall <a href="mailto:Jerry@kcis.com">Jerry@kcis.com</a></TD>
-<TR><TD>jkh*</TD>	<TD>Jordan K. Hubbard <a href="mailto:jkh@FreeBSD.org">jkh@FreeBSD.org</a></TD>
-<TR><TD>jm</TD>		<TD>Josef Moellers <a href="mailto:mollers.pad@sni.de">mollers.pad@sni.de</a></TD>
-<TR><TD>jmb*</TD>	<TD>Jonathan M. Bresler <a href="mailto:jmb@FreeBSD.org">jmb@FreeBSD.org</a></TD>
-<TR><TD>joe*</TD>	<TD>Joe Greco <a href="mailto:jgreco@solaria.sol.net">jgreco@solaria.sol.net</a></TD>
-<TR><TD>ki</TD>		<TD>Kenneth Ingham <a href="mailto:ingham@i-pi.com">ingham@i-pi.com</a></TD>
-<TR><TD>ky*</TD>	<TD>Kazutaka YOKOTA <a href="mailto:yokota@zodiac.mech.utsunomiya-u.ac.jp">yokota@zodiac.mech.utsunomiya-u.ac.jp</a></TD>
-<TR><TD>marc</TD>	<TD>Marc Slemko <a href="mailto:marcs@znep.com">marcs@znep.com</a></TD>
-<TR><TD>md</TD>		<TD>Matt Dillon <a href="mailto:dillon@best.net">dillon@best.net</a></TD>
-<TR><TD>mr</TD>		<TD>Mike Romaniw <a href="mailto:msr@cuc.com">msr@cuc.com</a></TD>
-<TR><TD>mrvm*</TD>	<TD>Mark Murray <a href="mailto:mark@grondar.za">mark@grondar.za</a></TD>
-<TR><TD>or*</TD>	<TD>Ollivier Robert <a href="mailto:roberto@keltia.freenix.fr">roberto@keltia.freenix.fr</a></TD>
-<TR><TD>pb</TD>		<TD>Peter Blake <a href="mailto:ppb@baloo.tcp.co.uk">ppb@baloo.tcp.co.uk</a></TD>
-<TR><TD>peter*</TD>	<TD>Peter Wemm <a href="mailto:peter@FreeBSD.org">peter@FreeBSD.org</a>
-<TR><TD>phk*</TD>	<TD>Poul-Henning Kamp <a href="mailto:phk@FreeBSD.org">phk@FreeBSD.org</a></TD>
-<TR><TD>pst*</TD>	<TD>Paul Traina <a href="mailto:pst@FreeBSD.org">pst@FreeBSD.org</a></TD>
-<TR><TD>rb</TD>		<TD>Reinier Bezuidenhout <a href="mailto:rbezuide@oskar.nanoteq.co.za">rbezuide@oskar.nanoteq.co.za</a></TD>
-<TR><TD>rd</TD>		<TD>Rajiv Dighe <a href="mailto:rajivd@sprynet.com">rajivd@sprynet.com</a></TD>
-<TR><TD>rel</TD>	<TD>Roger Espel Llima <a href="mailto:espel@llaic.univ-bpclermont.fr">espel@llaic.univ-bpclermont.fr</a></TD>
-<TR><TD>rjk</TD>	<TD>Richard J Kuhns <a href="mailto:rjk@grauel.com">rjk@grauel.com</a>
-<TR><TD>rm</TD>		<TD>Robin Melville <a href="mailto:robmel@nadt.org.uk">robmel@nadt.org.uk</a></TD>
-<TR><TD>rs</TD>		<TD>Robert Sexton <a href="mailto:robert@kudra.com">robert@kudra.com</a></TD>
-<TR><TD>sc</TD>		<TD>Sergei Chechetkin <a href="mailto:csl@whale.sunbay.crimea.ua">csl@whale.sunbay.crimea.ua</a></TD>
-<TR><TD>tao</TD>	<TD>Brian Tao <a href="mailto:taob@risc.org">taob@risc.org</a></TD>
-<TR><TD>tdr</TD>	<TD>Thomas David Rivers <a href="mailto:ponds!rivers@dg-rtp.dg.com">ponds!rivers@dg-rtp.dg.com</a></TD>
-<TR><TD>witr</TD>	<TD>Robert Withrow <a href="mailto:witr@rwwa.com">witr@rwwa.com</a></TD>
-<TR><TD>xaa</TD>	<TD>Mark Huizer <a href="mailto:xaa@stack.nl">xaa@stack.nl</a></TD>
+<TABLE CELLPADDING="2"><TR><TH>Key</TH>
+<TH>Auditor/Reviewer Name and Email address</TH></TR>
+<TR><td>ab</TD>
+<TD>Aaron Bornstein <A HREF="mailto:aaronb@j51.com">
+aaronb@j51.com</A></TD></TR>
+<TR><td>ac</TD>
+<TD>Adrian Chadd <A HREF="mailto:adrian@psinet.net.au">
+adrian@psinet.net.au</A></TD></TR>
+<TR><td>ak</TD>
+<TD>Adam Kubicki <A HREF="mailto:apk@itl.waw.pl">
+apk@itl.waw.pl</A></TD></TR>
+<TR><td>am</TD>
+<TD>Albert Mietus <A HREF="mailto:albert@gamp.hacom.nl">
+albert@gamp.hacom.nl</A></TD></TR>
+<TR><td>avk</TD>
+<TD>Alexander V. Kalganov <A HREF="mailto:top@sonic.cris.net">
+top@sonic.cris.net</A></TD></TR>
+<TR><td>bb</TD>
+<TD>Bob Bishop <A HREF="mailto:rb@gid.co.uk">
+rb@gid.co.uk</A></TD></TR>
+<TR><td>bjn</TD>
+<TD>Brent J. Nordquist <A HREF="mailto:nordquist@platinum.com">
+nordquist@platinum.com</A></TD></TR>
+<TR><td>bob</TD>
+<TD>Bob Willcox <A HREF="mailto:bob@luke.pmr.com">
+bob@luke.pmr.com</A></TD></TR>
+<TR><td>btm</TD>
+<TD>Brian T. Michely <A HREF="mailto:brianm@cmhcsys.com">
+brianm@cmhcsys.com</A></TD></TR>
+<TR><td>cg</TD>
+<TD>Coranth Gryphon <A HREF="mailto:gryphon@healer.com">
+gryphon@healer.com</A></TD></TR>
+<TR><td>cl</TD>
+<TD>Chris Lambertus <A HREF="mailto:cmlambertus@ucdavis.edu">
+cmlambertus@ucdavis.edu</A></TD></TR>
+<TR><td>crh</TD>
+<TD>Charles Henrich <A HREF="mailto:henrich@crh.cl.msu.edu">
+henrich@crh.cl.msu.edu</A></TD></TR>
+<TR><td>dc</TD>
+<TD>Dan Cross <A HREF="mailto:tenser@spitfire.ecsel.psu.edu">
+tenser@spitfire.ecsel.psu.edu</A></TD></TR>
+<TR><td>dg*</TD>
+<TD>David Greenman <A HREF="mailto:davidg@FreeBSD.org">
+davidg@FreeBSD.org</A></TD></TR>
+<TR><td>din</TD>
+<TD>Dinesh Nair <A HREF="mailto:dinesh@alphaque.com">
+dinesh@alphaque.com</A></TD></TR>
+<TR><td>dn</TD>
+<TD>David Nugent <A HREF="mailto:davidn@labs.usn.blaze.net.au">
+davidn@labs.usn.blaze.net.au</A></TD></TR>
+<TR><td>dob</TD>
+<TD>David E. O'Brien <A HREF="mailto:obrien@NUXI.com">
+obrien@NUXI.com</A></TD></TR>
+<TR><td>dz</TD>
+<TD>Danny J. Zerkel <A HREF="mailto:dzerkel@phofarm.com">
+dzerkel@phofarm.com</A></TD></TR>
+<TR><td>ee</TD>
+<TD>Eivind Eklund <A HREF="mailto:eivind@FreeBSD.org">
+eivind@FreeBSD.org</A></TD></TR>
+<TR><td>eh</TD>
+<TD>Elijah Hempstone <A HREF="mailto:avatar@gandalf.bss.sol.net">
+avatar@gandalf.bss.sol.net</A></TD></TR>
+<TR><td>ehu</TD>
+<TD>Ernest Hua <A HREF="mailto:hua@chromatic.com">
+hua@chromatic.com</A></TD></TR>
+<TR><td>ejc</TD>
+<TD>Eric J. Chet <A HREF="mailto:ejc@gargoyle.bazzle.com">
+ejc@gargoyle.bazzle.com</A></TD></TR>
+<TR><td>gl</TD>
+<TD>Giles Lean <A HREF="mailto:giles@nemeton.com.au">
+giles@nemeton.com.au</A></TD></TR>
+<TR><td>gvr*</TD>
+<TD>Guido van Rooij <A HREF="mailto:guido@FreeBSD.org">
+guido@FreeBSD.org</A></TD></TR>
+<TR><td>gw</TD>
+<TD>Graham Wheeler <A HREF="mailto:gram@oms.co.za">
+gram@oms.co.za</A></TD></TR>
+<TR><td>imp*</TD>
+<TD>Warner Losh <A HREF="mailto:imp@FreeBSD.org">
+imp@FreeBSD.org</A></TD></TR>
+<TR><td>jb</TD>
+<TD>Jim Bresler <A HREF="mailto:jfb11@inlink.com">
+jfb11@inlink.com</A></TD></TR>
+<TR><td>jh</TD>
+<TD>Jake Hamby <A HREF="mailto:jehamby@lightside.com">
+jehamby@lightside.com</A></TD></TR>
+<TR><td>jha</TD>
+<TD>John H. Aughey <A HREF="mailto:jha@cs.purdue.edu">
+jha@cs.purdue.edu</A></TD></TR>
+<TR><td>jk</TD>
+<TD>Jerry Kendall <A HREF="mailto:Jerry@kcis.com">
+Jerry@kcis.com</A></TD></TR>
+<TR><td>jkh*</TD>
+<TD>Jordan K. Hubbard <A HREF="mailto:jkh@FreeBSD.org">
+jkh@FreeBSD.org</A></TD></TR>
+<TR><td>jm</TD>
+<TD>Josef Moellers <A HREF="mailto:mollers.pad@sni.de">
+mollers.pad@sni.de</A></TD></TR>
+<TR><td>jmb*</TD>
+<TD>Jonathan M. Bresler <A HREF="mailto:jmb@FreeBSD.org">
+jmb@FreeBSD.org</A></TD></TR>
+<TR><td>joe*</TD>
+<TD>Joe Greco <A HREF="mailto:jgreco@solaria.sol.net">
+jgreco@solaria.sol.net</A></TD></TR>
+<TR><td>ka</TD>
+<TD>Kalganov Alexander <A HREF="mailto:top@bird.cris.net">
+top@bird.cris.net</A></TD></TR>
+<TR><td>ki</TD>
+<TD>Kenneth Ingham <A HREF="mailto:ingham@i-pi.com">
+ingham@i-pi.com</A></TD></TR>
+<TR><td>ky*</TD>
+<TD>Kazutaka YOKOTA <A HREF="mailto:yokota@zodiac.mech.utsunomiya-u.ac.jp">
+yokota@zodiac.mech.utsunomiya-u.ac.jp</A></TD></TR>
+<TR><td>marc</TD>
+<TD>Marc Slemko <A HREF="mailto:marcs@znep.com">
+marcs@znep.com</A></TD></TR>
+<TR><td>md</TD>
+<TD>Matt Dillon <A HREF="mailto:dillon@best.net">
+dillon@best.net</A></TD></TR>
+<TR><td>mr</TD>
+<TD>Mike Romaniw <A HREF="mailto:msr@cuc.com">
+msr@cuc.com</A></TD></TR>
+<TR><td>mrvm*</TD>
+<TD>Mark Murray <A HREF="mailto:mark@grondar.za">
+mark@grondar.za</A></TD></TR>
+<TR><td>mu</TD>
+<TD>Mudge <A HREF="mailto:mudge@l0pht.com">
+mudge@l0pht.com</A></TD></TR>
+<TR><td>or*</TD>
+<TD>Ollivier Robert <A HREF="mailto:roberto@keltia.freenix.fr">
+roberto@keltia.freenix.fr</A></TD></TR>
+<TR><td>pb</TD>
+<TD>Peter Blake <A HREF="mailto:ppb@baloo.tcp.co.uk">
+ppb@baloo.tcp.co.uk</A></TD></TR>
+<TR><td>peter*</TD>
+<TD>Peter Wemm <A HREF="mailto:peter@FreeBSD.org">
+peter@FreeBSD.org</A></TD></TR>
+<TR><td>phk*</TD>
+<TD>Poul-Henning Kamp <A HREF="mailto:phk@FreeBSD.org">
+phk@FreeBSD.org</A></TD></TR>
+<TR><td>pst*</TD>
+<TD>Paul Traina <A HREF="mailto:pst@FreeBSD.org">
+pst@FreeBSD.org</A></TD></TR>
+<TR><td>rb</TD>
+<TD>Reinier Bezuidenhout <A HREF="mailto:rbezuide@oskar.nanoteq.co.za">
+rbezuide@oskar.nanoteq.co.za</A></TD></TR>
+<TR><td>rd</TD>
+<TD>Rajiv Dighe <A HREF="mailto:rajivd@sprynet.com">
+rajivd@sprynet.com</A></TD></TR>
+<TR><td>rel</TD>
+<TD>Roger Espel Llima <A HREF="mailto:espel@llaic.univ-bpclermont.fr">
+espel@llaic.univ-bpclermont.fr</A></TD></TR>
+<TR><td>rjk</TD>
+<TD>Richard J Kuhns <A HREF="mailto:rjk@grauel.com">
+rjk@grauel.com</A></TD></TR>
+<TR><td>rm</TD>
+<TD>Robin Melville <A HREF="mailto:robmel@nadt.org.uk">
+robmel@nadt.org.uk</A></TD></TR>
+<TR><td>rs</TD>
+<TD>Robert Sexton <A HREF="mailto:robert@kudra.com">
+robert@kudra.com</A></TD></TR>
+<TR><td>sc</TD>
+<TD>Sergei Chechetkin <A HREF="mailto:csl@whale.sunbay.crimea.ua">
+csl@whale.sunbay.crimea.ua</A></TD></TR>
+<TR><td>tao</TD>
+<TD>Brian Tao <A HREF="mailto:taob@risc.org">
+taob@risc.org</A></TD></TR>
+<TR><td>tdr</TD>
+<TD>Thomas David Rivers <A HREF="mailto:ponds!rivers@dg-rtp.dg.com">
+ponds!rivers@dg-rtp.dg.com</A></TD></TR>
+<TR><td>vk</TD>
+<TD>Vadim Kolontsov <A HREF="mailto:vadim@tversu.ac.ru">
+vadim@tversu.ac.ru</A></TD></TR>
+<TR><td>witr</TD>
+<TD>Robert Withrow <A HREF="mailto:witr@rwwa.com">
+witr@rwwa.com</A></TD></TR>
+<TR><td>xaa</TD>
+<TD>Mark Huizer <A HREF="mailto:xaa@stack.nl">
+xaa@stack.nl</A></TD></TR>
 </TABLE>
-
-<h3>* = Has CVS commit privileges.</h3>
+<H3>* = Has CVS commit privileges.</H3>
 
 &footer;
 </BODY>
diff --git a/en/security.sgml b/en/security.sgml
index 723a5b6b21..e37bf27861 100644
--- a/en/security.sgml
+++ b/en/security.sgml
@@ -1,5 +1,5 @@
 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN" [
-<!ENTITY date "$Date: 1997-02-15 13:28:51 $">
+<!ENTITY date "$Date: 1997-02-19 13:49:11 $">
 <!ENTITY title "FreeBSD Security Guide">
 <!ENTITY % includes SYSTEM "includes.sgml"> %includes;
 ]>
@@ -14,7 +14,7 @@
 
 <H1>FreeBSD Security Guide</H1>
 
-<em>Last Updated: $Date: 1997-02-15 13:28:51 $ </em>
+<em>Last Updated: $Date: 1997-02-19 13:49:11 $ </em>
 
 <P>This guide attempts to document some of the tips and tricks used by
 many FreeBSD security experts for securing systems and writing secure
@@ -24,16 +24,20 @@ if and when they should happen.  It also lists the various ways in which
 the systems programmer can become more security conscious and less likely
 to introduce security holes in the first place.
 
+<p>We welcome your comments on the contents and correctness of this page.
+Please send email to <a href="mailto:security-officer@freebsd.org">the
+FreeBSD Security Officers</a> if you have changes you'd like to see here.
+
 <H2>How to secure a FreeBSD system:</H2>
 
 <UL>
-<LI>This section needs to be written.
+<LI>XXX This section needs to be written.
 </UL>
 
 <H2>How to recover from a security compromise </H2>
 
 <UL>
-<LI>This section also needs to be written.
+<LI>XXX This section also needs to be written.
 </UL>
 
 <H2>Security Do's and Don'ts for Programmers:</H2>
@@ -50,8 +54,18 @@ to introduce security holes in the first place.
    <LI><A NAME="#rule1_1"></A>strcpy() and sprintf() calls from
    unbounded data.  Use strncpy() and snprintf() when the length is known
    (or implement some other form of bounds-checking when it's not).
+   In fact, never use gets(3) or sprintf(3), period.
 
-   <P><LI><A NAME="#rule1_2"></A>Watch for strvis() and getenv() abuse.
+   <P><LI><A NAME="#rule1_2"></A>Watch for strvis(3) and getenv(3) abuse.
+   strvis() is easy to get the destination string wrong for, and getenv()
+   can return strings much longer than the user might expect - they are
+   one of the key ways an attack is often made on a program, causing it
+   to overwrite stack or variables by setting its environment variables
+   to unexpected values.  If your program reads environment variables,
+   be paranoid!
+
+   <P><LI>Every time you see an open(2) or stat(2) call, ask yourself, "What
+   if it's a symbolic link?"
 
    <P><LI><A NAME="#rule1_3"></A>All uses of mktemp(), tempnam(), mkstemp(),
    etc.; make sure that they use mkstemp() instead.  Also look for races in
@@ -61,6 +75,9 @@ to introduce security holes in the first place.
 	<LI>Creating a directory.  This will either succeed or fail.
 	<LI>Opening a file O_CREAT | O_EXCL
 	</UL>
+   mkstemp(3) properly handles this for you, so all temp files should
+   use mkstemp to guarantee there's no race and that the permissions
+   are right.
 
    <P><LI><A NAME="#rule1_4"></A>If an attacker can force packets to go/come
    from another arbitrary system then that hacker has complete control
@@ -144,6 +161,32 @@ to introduce security holes in the first place.
 
 <P><LI><A NAME="#rule6"></A>Pay special attention to realloc() usage - more
    often than not, it's not done correctly.
+
+<P><LI>When using fixed-size buffers, use sizeof() to prevent lossage when
+   a buffer size is changed but the code which uses it isn't.  For example:
+<LISTING>
+	char buf[1024];
+	struct foo { ... };
+	...
+BAD:
+	xxx(buf, 1024)
+	xxx(yyy, sizeof(struct foo))
+GOOD:
+	xxx(buf, sizeof(buf))
+	xxx(yyy, sizeof(yyy))
+</LISTING>
+
+<P><LI>Every time you see "char foo[###]", check every usage of foo to
+   make sure it can't be overflowed.  If you can't avoid overflow
+   (and cases of this have been seen) then at least malloc the buffer
+   so you can't walk on the stack.
+
+<P><LI>Always close file descriptors as soon as you can -- this makes it
+   more likely that the stdio buffer contents will be discarded.  In
+   library routines, always set any file descriptors that you open to
+   close-on-exec.
+
+<P>
 </UL>
 
 &footer;

Module	Auditor(s)	Reviewer(s)	Status
lib	pst,ak	jkh,dg,gvr,imp	gvr
libc	ee	gvr	Open
libdisk	open	phk,gvr	Open
libexec	imp,crh,ee,witr	gvr	Open
telnetd	ac,dn	imp,gvr	Open
bin	ac,gvr,ee	imp,md,gvr	Open
sbin	taob,imp,ee,or	md,gvr	Open
usr.sbin	imp,rd,marc,ee,ejc,jm	md,gvr	Open
usr.bin	rb,rjk,rd,jha,ee,ky,bob,jm	md,gvr	Open
eBones	mrvm	gvr	Open
secure	mrvm,dc	gvr	Open
games	xaa,ab,ee	gvr	Open
lkm	dob	gvr	Open
release	open	gvr	Open
contrib	cg	gvr	Open
Module	Auditor(s)	Reviewer(s)	Status
bin	+ac +ee +gvr* +jh +ka +mu +vk +	imp* md gvr*	Open
contrib	+cg +	gvr*	Open
eBones	+mrvm* +	gvr*	Open
games	+ab +ee +xaa +	gvr*	Open
init	+gl +	gvr*	Open
lib	+ak +bjn +pst* +	dg* imp* jkh* gvr*	Open
libc	+ee +mu +	gvr*	Open
libexec	+crh +ee +imp* +witr +	gvr*	Open
lkm	+dob +	gvr*	Open
sbin	+ee +imp* +or* +tao +	md gvr*	Open
secure	+dc +mrvm* +	gvr*	Open
telnetd	+ac +dn +	imp* gvr*	Open
usr.bin	+bob +ee +jha +jm +ky* +rb +rd +rjk +vk +	md gvr*	Open
usr.sbin	+ee +ejc +gl +imp* +jm +marc +rd +	md gvr*	Open
Key	Auditor/Reviewer Name and Email address
ab	Aaron Bornstein aaronb@j51.com
ac	Adrian Chadd adrian@psinet.net.au
ak	Adam Kubicki apk@itl.waw.pl
am	Albert Mietus albert@gamp.hacom.nl
avk	Alexander V. Kalganov top@sonic.cris.net
bb	Bob Bishop rb@gid.co.uk
bob	Bob Willcox bob@luke.pmr.com
btm	Brian T. Michely brianm@cmhcsys.com
cg	Coranth Gryphon gryphon@healer.com
cl	Chris Lambertus cmlambertus@ucdavis.edu
crh	Charles Henrich henrich@crh.cl.msu.edu
dc	Dan Cross tenser@spitfire.ecsel.psu.edu
dg*	David Greenman davidg@FreeBSD.org
din	Dinesh Nair dinesh@alphaque.com
dn	David Nugent davidn@labs.usn.blaze.net.au
dob*	David E. O'Brien obrien@FreeBSD.org
dz	Danny J. Zerkel dzerkel@phofarm.com
ee	Eivind Eklund eivind@FreeBSD.org
eh	Elijah Hempstone avatar@gandalf.bss.sol.net
eh	Ernest Hua hua@chromatic.com
ejc	Eric J. Chet ejc@gargoyle.bazzle.com
gl	Giles Lean giles@nemeton.com.au
gvr*	Guido van Rooij guido@FreeBSD.org
gw	Graham Wheeler gram@oms.co.za
imp*	Warner Losh imp@FreeBSD.org
jb	Jim Bresler jfb11@inlink.com
jha	John H. Aughey jha@cs.purdue.edu
jk	Jerry Kendall Jerry@kcis.com
jkh*	Jordan K. Hubbard jkh@FreeBSD.org
jm	Josef Moellers mollers.pad@sni.de
jmb*	Jonathan M. Bresler jmb@FreeBSD.org
joe*	Joe Greco jgreco@solaria.sol.net
ki	Kenneth Ingham ingham@i-pi.com
ky*	Kazutaka YOKOTA yokota@zodiac.mech.utsunomiya-u.ac.jp
marc	Marc Slemko marcs@znep.com
md	Matt Dillon dillon@best.net
mr	Mike Romaniw msr@cuc.com
mrvm*	Mark Murray mark@grondar.za
or*	Ollivier Robert roberto@keltia.freenix.fr
pb	Peter Blake ppb@baloo.tcp.co.uk
peter*	Peter Wemm peter@FreeBSD.org -
phk*	Poul-Henning Kamp phk@FreeBSD.org
pst*	Paul Traina pst@FreeBSD.org
rb	Reinier Bezuidenhout rbezuide@oskar.nanoteq.co.za
rd	Rajiv Dighe rajivd@sprynet.com
rel	Roger Espel Llima espel@llaic.univ-bpclermont.fr
rjk	Richard J Kuhns rjk@grauel.com -
rm	Robin Melville robmel@nadt.org.uk
rs	Robert Sexton robert@kudra.com
sc	Sergei Chechetkin csl@whale.sunbay.crimea.ua
tao	Brian Tao taob@risc.org
tdr	Thomas David Rivers ponds!rivers@dg-rtp.dg.com
witr	Robert Withrow witr@rwwa.com
xaa	Mark Huizer xaa@stack.nl
Key	Auditor/Reviewer Name and Email address
ab	Aaron Bornstein +aaronb@j51.com
ac	Adrian Chadd +adrian@psinet.net.au
ak	Adam Kubicki +apk@itl.waw.pl
am	Albert Mietus +albert@gamp.hacom.nl
avk	Alexander V. Kalganov +top@sonic.cris.net
bb	Bob Bishop +rb@gid.co.uk
bjn	Brent J. Nordquist +nordquist@platinum.com
bob	Bob Willcox +bob@luke.pmr.com
btm	Brian T. Michely +brianm@cmhcsys.com
cg	Coranth Gryphon +gryphon@healer.com
cl	Chris Lambertus +cmlambertus@ucdavis.edu
crh	Charles Henrich +henrich@crh.cl.msu.edu
dc	Dan Cross +tenser@spitfire.ecsel.psu.edu
dg*	David Greenman +davidg@FreeBSD.org
din	Dinesh Nair +dinesh@alphaque.com
dn	David Nugent +davidn@labs.usn.blaze.net.au
dob	David E. O'Brien +obrien@NUXI.com
dz	Danny J. Zerkel +dzerkel@phofarm.com
ee	Eivind Eklund +eivind@FreeBSD.org
eh	Elijah Hempstone +avatar@gandalf.bss.sol.net
ehu	Ernest Hua +hua@chromatic.com
ejc	Eric J. Chet +ejc@gargoyle.bazzle.com
gl	Giles Lean +giles@nemeton.com.au
gvr*	Guido van Rooij +guido@FreeBSD.org
gw	Graham Wheeler +gram@oms.co.za
imp*	Warner Losh +imp@FreeBSD.org
jb	Jim Bresler +jfb11@inlink.com
jh	Jake Hamby +jehamby@lightside.com
jha	John H. Aughey +jha@cs.purdue.edu
jk	Jerry Kendall +Jerry@kcis.com
jkh*	Jordan K. Hubbard +jkh@FreeBSD.org
jm	Josef Moellers +mollers.pad@sni.de
jmb*	Jonathan M. Bresler +jmb@FreeBSD.org
joe*	Joe Greco +jgreco@solaria.sol.net
ka	Kalganov Alexander +top@bird.cris.net
ki	Kenneth Ingham +ingham@i-pi.com
ky*	Kazutaka YOKOTA +yokota@zodiac.mech.utsunomiya-u.ac.jp
marc	Marc Slemko +marcs@znep.com
md	Matt Dillon +dillon@best.net
mr	Mike Romaniw +msr@cuc.com
mrvm*	Mark Murray +mark@grondar.za
mu	Mudge +mudge@l0pht.com
or*	Ollivier Robert +roberto@keltia.freenix.fr
pb	Peter Blake +ppb@baloo.tcp.co.uk
peter*	Peter Wemm +peter@FreeBSD.org
phk*	Poul-Henning Kamp +phk@FreeBSD.org
pst*	Paul Traina +pst@FreeBSD.org
rb	Reinier Bezuidenhout +rbezuide@oskar.nanoteq.co.za
rd	Rajiv Dighe +rajivd@sprynet.com
rel	Roger Espel Llima +espel@llaic.univ-bpclermont.fr
rjk	Richard J Kuhns +rjk@grauel.com
rm	Robin Melville +robmel@nadt.org.uk
rs	Robert Sexton +robert@kudra.com
sc	Sergei Chechetkin +csl@whale.sunbay.crimea.ua
tao	Brian Tao +taob@risc.org
tdr	Thomas David Rivers +ponds!rivers@dg-rtp.dg.com
vk	Vadim Kolontsov +vadim@tversu.ac.ru
witr	Robert Withrow +witr@rwwa.com
xaa	Mark Huizer +xaa@stack.nl