From: Casey Schaufler <casey@schaufler-ca.com>
To: Tiago Assumpcao <tiago@assumpcao.org>
Cc: Theodore Tso <tytso@mit.edu>,
Linus Torvalds <torvalds@linux-foundation.org>,
pageexec@freemail.hu, Greg KH <greg@kroah.com>,
Andrew Morton <akpm@linux-foundation.org>,
linux-kernel@vger.kernel.org, stable@kernel.org
Subject: Re: [stable] Linux 2.6.25.10
Date: Tue, 15 Jul 2008 22:26:31 -0700 [thread overview]
Message-ID: <487D8687.7090003@schaufler-ca.com> (raw)
In-Reply-To: <487D756E.50506@assumpcao.org>
Tiago Assumpcao wrote:
> Casey Schaufler wrote:
>> Ted Tso, Stephen Smalley and I are all recognized as security experts
>> and we can't even agree on whether sockets are objects or not, much
>> less what constitutes a security bug and even less what is likely to
>> be a security bug. Goodness, there are some of us who would argue
>> that since DNS is itself a security bug it is just not possible for
>> DNS to have a security bug, as an example.
>>
>>> In most cases, they are easy to spot.
>>
>> Err, no, in the kernel environment a real security flaw is likely to
>> be pretty subtle.
>
> You do not hesitate in categorizing yourself as something as obscure
> as... what's that term again? "Expert".
Actually, I always hesitate before calling myself an expert,
in spite of the credentials I have to back the title. Too
many people seem to think that if you disagree with their
point of view you can't know what you're talking about.
> But then you fail on basic pragmatism when attempting to define what,
> nearly always, is a true or false question?
HeeHeeHee. Security questions are almost never true or false,
black or white, on or off. SPAM is *the* major computer security
issue and it has nothing at all to do with computers or security.
Is a use of strcpy() a security vulnerability? Sure it can be,
but in reality it almost never is, but the hysteria associated
with buffer overruns gave it a bad oder.
> Jeez ;)
It's not so bad. We'll be OK. Really.
next prev parent reply other threads:[~2008-07-16 5:26 UTC|newest]
Thread overview: 92+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-07-03 3:58 Linux 2.6.25.10 Greg KH
2008-07-03 3:58 ` Greg KH
2008-07-03 17:08 ` Bart Van Assche
2008-07-03 17:29 ` Greg KH
2008-07-03 18:57 ` Greg KH
2008-07-03 19:31 ` pageexec
2008-07-14 12:04 ` [stable] " Greg KH
2008-07-15 2:14 ` pageexec
2008-07-15 2:27 ` Linus Torvalds
2008-07-15 15:31 ` pageexec
2008-07-15 16:07 ` Linus Torvalds
2008-07-15 16:13 ` Linus Torvalds
2008-07-17 21:08 ` Aidan Thornton
2008-07-15 19:03 ` pageexec
2008-07-15 19:16 ` Linus Torvalds
[not found] ` <487D20EC.26203.1BD1E5C5@pageexec.freemail.hu>
2008-07-15 20:18 ` Linus Torvalds
2008-07-15 20:23 ` pageexec
2008-07-15 20:42 ` Linus Torvalds
2008-07-15 21:18 ` pageexec
2008-07-15 21:26 ` Linus Torvalds
2008-07-15 22:08 ` pageexec
2008-07-15 23:28 ` Linus Torvalds
2008-07-16 0:00 ` Tiago Assumpcao
2008-07-16 0:16 ` Linus Torvalds
2008-07-16 0:38 ` Tiago Assumpcao
2008-07-16 0:51 ` Linus Torvalds
2008-07-16 1:10 ` Tiago Assumpcao
2008-07-16 1:41 ` Linus Torvalds
2008-07-16 2:24 ` Tiago Assumpcao
2008-07-16 3:11 ` Theodore Tso
2008-07-16 9:49 ` pageexec
2008-07-16 10:08 ` David Miller
2008-07-16 10:23 ` pageexec
2008-07-16 10:31 ` David Miller
2008-07-16 10:51 ` pageexec
2008-07-16 11:04 ` David Miller
2008-07-16 11:52 ` pageexec
2008-07-16 3:13 ` Greg KH
2008-07-16 9:01 ` pageexec
2008-07-16 9:35 ` Gabor Gombas
2008-07-16 10:04 ` pageexec
2008-07-16 14:43 ` Greg KH
2008-07-16 15:43 ` pageexec
2008-07-16 16:29 ` Greg KH
2008-07-16 17:25 ` pageexec
2008-07-16 18:08 ` Theodore Tso
2008-07-16 19:09 ` pageexec
2008-07-17 3:43 ` Mike Galbraith
2008-07-16 1:08 ` Theodore Tso
2008-07-16 1:30 ` pageexec
2008-07-16 1:53 ` Tiago Assumpcao
2008-07-16 2:02 ` Linus Torvalds
2008-07-16 2:36 ` Tiago Assumpcao
2008-07-16 4:07 ` Linus Torvalds
2008-07-16 4:16 ` Tiago Assumpcao
2008-07-16 3:27 ` Casey Schaufler
2008-07-16 4:13 ` Tiago Assumpcao
2008-07-16 4:21 ` Linus Torvalds
2008-07-16 5:02 ` Tiago Assumpcao
2008-07-16 5:13 ` Linus Torvalds
2008-07-16 5:26 ` Casey Schaufler [this message]
2008-07-16 9:33 ` pageexec
2008-07-16 13:21 ` Theodore Tso
2008-07-16 15:16 ` pageexec
2008-07-16 0:04 ` pageexec
2008-07-16 0:24 ` Linus Torvalds
2008-07-16 0:56 ` pageexec
2008-07-16 1:08 ` Linus Torvalds
2008-07-16 1:23 ` pageexec
2008-07-17 7:19 ` Rafael C. de Almeida
2008-07-17 7:59 ` pageexec
2008-07-17 4:21 ` Phil Pell
2008-07-15 18:33 ` Theodore Tso
2008-07-15 20:28 ` pageexec
2008-07-15 22:39 ` Greg KH
2008-07-15 22:47 ` David Miller
2008-07-15 23:08 ` Tiago Assumpcao
2008-07-15 23:21 ` David Miller
2008-07-15 23:26 ` pageexec
2008-07-15 23:26 ` Tiago Assumpcao
2008-07-15 23:22 ` pageexec
2008-07-15 23:35 ` David Miller
2008-07-15 23:09 ` pageexec
2008-07-15 20:15 ` Tiago Assumpcao
2008-07-20 1:13 ` Bernd Eckenfels
2008-07-15 23:34 ` Tiago Assumpcao
2008-07-19 0:47 ` David Schwartz
2008-07-19 1:01 ` david
2008-07-19 1:51 ` David Schwartz
2008-07-19 5:41 ` Willy Tarreau
2008-07-05 7:54 ` Bart Van Assche
2008-07-08 4:12 ` Greg KH
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=487D8687.7090003@schaufler-ca.com \
--to=casey@schaufler-ca.com \
--cc=akpm@linux-foundation.org \
--cc=greg@kroah.com \
--cc=linux-kernel@vger.kernel.org \
--cc=pageexec@freemail.hu \
--cc=stable@kernel.org \
--cc=tiago@assumpcao.org \
--cc=torvalds@linux-foundation.org \
--cc=tytso@mit.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox