| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 16 Jul 2008 01:13:34 -0300 From: Tiago Assumpcao <tiago@...umpcao.org> To: Casey Schaufler <casey@...aufler-ca.com> CC: Theodore Tso <tytso@....edu>, Linus Torvalds <torvalds@...ux-foundation.org>, pageexec@...email.hu, Greg KH <greg@...ah.com>, Andrew Morton <akpm@...ux-foundation.org>, linux-kernel@...r.kernel.org, stable@...nel.org Subject: Re: [stable] Linux 2.6.25.10 Casey Schaufler wrote: > Ted Tso, Stephen Smalley and I are all recognized as security experts > and we can't even agree on whether sockets are objects or not, much > less what constitutes a security bug and even less what is likely to > be a security bug. Goodness, there are some of us who would argue > that since DNS is itself a security bug it is just not possible for > DNS to have a security bug, as an example. > >> In most cases, they are easy to spot. > > Err, no, in the kernel environment a real security flaw is likely to > be pretty subtle. You do not hesitate in categorizing yourself as something as obscure as... what's that term again? "Expert". But then you fail on basic pragmatism when attempting to define what, nearly always, is a true or false question? Jeez ;) --t -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists