Bugtraq mailing list archives
Re: [8lgm]-Advisory-14.UNIX.SCO-prwarn.12-Nov-1994
From: nickless () mcs anl gov (Bill Nickless)
Date: Sun, 04 Dec 1994 12:49:23 -0600
At 01:02 PM 12/3/94 -0500, Bob Manson wrote:
I have a basic problem with partial disclosure: who decides who is "eleeet" enough to receive the full disclosure? If you're not in the "in crowd", you lose. And that's fine with me, ultimately--if 8lgm decides they don't want to do full disclosure, that's up to them. But that doesn't mean the rest of us can't and won't disclose everything that we know in a free environment.
This rings true to me. Take the bug that bit IBM a couple of months ago regarding the interaction between logind and login. Many people at our site beat on IBM because of such a wide hole that had been fixed in other systems long before. But they had no answer when I asked "so if you worked at IBM, who could you ask to get a list of known security holes in BSD or whatever so that you could make sure your operating system has fixed them?" -- Bill Nickless nickless () mcs anl gov +1 708 252 7390 http://www.mcs.anl.gov/people/nickless
Current thread:
- Re: [8lgm]-Advisory-14.UNIX.SCO-prwarn.12-Nov-1994 Tim Newsham (Nov 29)
- <Possible follow-ups>
- Re: [8lgm]-Advisory-14.UNIX.SCO-prwarn.12-Nov-1994 Neil Woods (Nov 30)
- Re: [8lgm]-Advisory-14.UNIX.SCO-prwarn.12-Nov-1994 Paul Graham (Nov 30)
- Re: Re: [8lgm]-Advisory-14.UNIX.SCO-prwarn.12-Nov-1994 Pete Hartman (Dec 01)
- Re: [8lgm]-Advisory-14.UNIX.SCO-prwarn.12-Nov-1994 Bob Manson (Dec 03)
- Re: [8lgm]-Advisory-14.UNIX.SCO-prwarn.12-Nov-1994 Neil Woods (Dec 03)
- Re: [8lgm]-Advisory-14.UNIX.SCO-prwarn.12-Nov-1994 Tim Scanlon (Dec 03)
- Re: [8lgm]-Advisory-14.UNIX.SCO-prwarn.12-Nov-1994 Bill Nickless (Dec 04)