Bugtraq mailing list archives
Re: Fwd: Any user can panic OpenBSD machine
From: deraadt () CVS OPENBSD ORG (Theo de Raadt)
Date: Tue, 28 Jul 1998 13:14:30 -0600
True, but the point remains. Despite the fact that *BSD and Linux are more often used on single-user workstations than large servers, both OS's are gaining acceptance in the latter arena. As such, it is wise to be aware of methods for local users to Do Bad Things (tm).
Said the pot to the kettle. Go at it -- if you don't run OpenBSD, you have a couple hundred extra /tmp races to deal with. Does this sound like a change in topic? I don't think so. We have done tons to improve localhost security (races, protocols, not just buffer overflows like most other people fix). But there will always be crashes. Sorry. We Do What We Can. We really don't expect to be mauled to death when some little crash gets reported.
Ob-BUGTRAQ-Posting: If you are logged into an NT box, you can type CTRL-ALT-DEL and take the system down.Ok, so NT is a bad example. :-) Such a post WRT Linux would be equally stupid. However, we're talking about stuff *local users* can do, not just someone who has access to the console.
Sorry, but I must continue to disagree about the relevance of this entire issue to bugtraq. Question: What have you learned now that this crash report has turned into 20 bugtraq postings, half of them posted after a fix for the problem was available? Shall we have a similar discussion the next time we find a way to crash the system? Are these crashes really that much more interesting than completely new issues like www.openbsd.org/errata.html#fdalloc, which affect every single operating system, and yet did not get discussed on bugtraq?
Current thread:
- Re: Fwd: Any user can panic OpenBSD machine, (continued)
- Re: Fwd: Any user can panic OpenBSD machine Timothy J Luoma (Jul 28)
- Re: Fwd: Any user can panic OpenBSD machine David Maxwell (Jul 28)
- Re: Fwd: Any user can panic OpenBSD machine Theo de Raadt (Jul 27)
- Re: Fwd: Any user can panic OpenBSD machine Kragen (Jul 28)
- Re: Fwd: Any user can panic OpenBSD machine Cy Schubert (Jul 28)
- Re: Fwd: Any user can panic OpenBSD machine Peter W (Jul 28)
- Re: Fwd: Any user can panic OpenBSD machine Kragen (Jul 28)
- Re: Fwd: Any user can panic OpenBSD machine Michael Jennings (Jul 28)
- Re: Fwd: Any user can panic OpenBSD machine Theo de Raadt (Jul 28)
- Re: Fwd: Any user can panic OpenBSD machine Michael Jennings (Jul 28)
- Re: Fwd: Any user can panic OpenBSD machine Theo de Raadt (Jul 28)
- Re: Fwd: Any user can panic OpenBSD machine Michael Jennings (Jul 28)
- Re: Fwd: Any user can panic OpenBSD machine Perry E. Metzger (Jul 28)
- Re: Fwd: Any user can panic OpenBSD machine Perry E. Metzger (Jul 27)
- Re: Fwd: Any user can panic OpenBSD machine Chris Wedgwood (Jul 27)
- Re: Fwd: Any user can panic OpenBSD machine Chris Wedgwood (Jul 27)
- Re: Fwd: Any user can panic OpenBSD machine Gert Doering (Jul 28)
- Re: Fwd: Any user can panic OpenBSD machine David Shaw (Jul 27)