>It struck me that interpretation of security issues are quite often
>OS-specific.  That, coupled with the fact that security programs have to
>be tuned slightly for your file system hierarchy, userlevel programs, etc.,
>could be sufficient reason to form a list.
[...]
>Ideally, there would be two lists, one for relevant announcements, and
>one for discussion.
>In particular, the announcements should be low-volume and there should
>be a few people in charge of reading other specific security lists and
>reporting relevant bits.

The FreeBSD folks have something similar (though I don't know the
nature of the traffic on the lists), in freebsd-security and
freebsd-security-notifcations.

-----------------------------------------------------------------------------
  Michael L. VanLoon                                 michaelv@HeadCandy.com
        --<  Free your mind and your machine -- NetBSD free un*x  >--
    NetBSD working ports: 386+PC, Mac 68k, Amiga, Atari 68k, HP300, Sun3,
        Sun4/4c/4m, DEC MIPS, DEC Alpha, PC532, VAX, MVME68k, arm32...
    NetBSD ports in progress: PICA, others...

   Roll your own Internet access -- Seattle People's Internet cooperative.
                  If you're in the Seattle area, ask me how.
-----------------------------------------------------------------------------