[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Locally exploitable races? OpenBSD
What he is saying is simple.
1) Yes, it is a bug and it's going to get fixed.
2) The priority of fixing this isn't that high, due to the fact is someone
really wanted to take your box down locally, there are quite a few other
ways to accomplish that feat without this bug.
----- Original Message -----
From: "Robert Mooney" <rjmooney@aboveground.cx>
To: "Todd C. Miller" <Todd.Miller@courtesan.com>
Cc: "OpenBSD Tech" <tech@openbsd.org>
Sent: Tuesday, June 05, 2001 6:24 PM
Subject: RE: Locally exploitable races? OpenBSD
> OK, so are you saying that it cannot be exploited from a shell?
>
> I understand there are priorities. Likewise, I am not demanding a thing.
>
> : -----Original Message-----
> : From: Todd C. Miller [mailto:Todd.Miller@courtesan.com]
> : Sent: Tuesday, June 05, 2001 5:39 PM
> : To: Robert Mooney
> : Cc: Todd C. Miller; OpenBSD Tech
> : Subject: Re: Locally exploitable races? OpenBSD
> :
> :
> : In message <EMEDICPIODIODOGJHBEPIEMPCLAA.rjmooney@aboveground.cx>
> : so spake "Robert Mooney" (rjmooney):
> :
> : > I am still trying to understand the philosophy. This seems to go
against the
> : > principles of the project. If it's public, at least, shouldn't it be
fixed?
> :
> : Of course. No one said it wasn't going to get fixed but it sure
> : doesn't help when users demand patches for what what are largely
> : non-issues. The developers may simply have different priorities
> : as to what is and is not time sensitive--that's life in a free
> : software project.
> :
> : - todd