lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Tue, 13 Aug 2013 04:37:58 -0700 (PDT)
From: terry white <twhite@...ota.com>
To: Reindl Harald <h.reindl@...lounge.net>
cc: bugtraq@...urityfocus.com
Subject: Re: [Full-disclosure] Apache suEXEC privilege elevation / information
 disclosure


... ciao:

: on "8-13-2013" "Reindl Harald" writ:
: >> and so stop trying to be a smartass in topics you are clueless
: >
: > Please no personal insults

: truth != insult

   it is perhaps just me, but when i see "smartass" in an otherwise 
reasoned dialogue, "the TRUTH", is seldom if ever, my first thought.  what 
is, is a weakness in position; either with the position taken, or an 
inability to handle the frustration of holding it.
 
   in addition, clueless as a delimiter, is not absolute in discussion.  
there are times, when expertise blinds its holder to an obvious but 
counter intuitive point of view. 

   for example, i lay claim to being the icon of "clueless" when it comes 
to 'php'. i did however, "NOTICE" all the security problems showing up in 
regard to it.  AND was able to figure out, it a "RISK", no matter ""which"" 
'webserver' it services.  if i'd known more, i too, could have "blamed" 
apache ...


... it's not what you see ,
    but in stead , notice ...

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ