lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
From: hjtoi at comcast.net (Heikki Toivonen) Subject: Browser bugs [DoS] ... where will you draw a line? bipin gautam wrote: > Browser bugs [DoS] ... where will you draw a line? Browser DoS bugs don't get high priority because they are so easy to avoid. For example, if you go to a website that crashes your browser, hangs it, or launches 10,000 popup windows you can simply kill the browser and never go to that site again. Annoying, yes, but that's about it. DoS bugs that cause permanent damage are treated differently, of course. For example, I could imagine a bug that would corrupt some critical file and the browser would no longer start. Those bugs would be fixed fast, like traditional security vulnerabilities. -- Heikki Toivonen
Powered by blists - more mailing lists