>> In <[EMAIL PROTECTED]>, Matt Emmerton ><[EMAIL PROTECTED]> typed: >> > I disagree. It really comes down to how secure you want FreeBSD to be, >and >> > the attitude of "we don't need to protect against this case because >anyone >> > who does this is asking for trouble anyway" is one of the main reason >why >> > security holes exist in products today. (Someone else had brought this >up >> > much earlier on in the thread.) >> >> You haven't been paying close enough attention to the discussion. To >> exploit this "security problem" you have to be root. If it's an >> external attacker, you're already owned. > >I'm well aware of that fact. That's still not a reason to protect against >the problem. > >If your leaky bucket has 10 holes in it, would you at least try and plug >some of them? >
In my post I told that this is *NOT* exploitable but if somebody finds a method? what you can say? In underground comunities it's not so rare, patching is better than having a new exploits for freebsd. I was very deluded by this approach to potential security problem... (I repeat: *POTENTIAL*). rookie _______________________________________________ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-hackers To unsubscribe, send any mail to "[EMAIL PROTECTED]"
