Bugtraq mailing list archives
Re: Fwd: Any user can panic OpenBSD machine
From: perry () piermont com (Perry E. Metzger)
Date: Tue, 28 Jul 1998 17:59:11 -0400
Theo de Raadt writes:
did it. Now, shall I list 50 ways to crash a NetBSD box from the shell?I would highly appreciate it if you would. The NetBSD project believes in the same philosophy of open disclosure that the BUGTRAQ mailing list runs on. What you know about you can fix, what you don't know about *can* hurt you. By all means, please make your list public. If you tell us about these 50 ways to crash a NetBSD box from the shell, we can fix them. If you don't tell us about them, we cannot fix them.Our source tree is available for anonymous cvs. You can look at it. Detailed commit messages are available.
Most of your security CVS messages, Theo, say things like "pretty" or "oops" or "fixed problem". This doesn't help people who are watching your CVS commits list much -- it is hard to read every line you add to your source tree. It would be much easier if you simply sent out security information in a reasonably detailed way. If you actually have 50 ways to crash a NetBSD box from the shell, please, by all means tell us what they are. BUGTRAQ is primarily for full disclosure, not for telling us that you know something we don't know.
How about the various problems at http://www.openbsd.org/security.html which have been sitting there for months?
I believe we've fixed those, except for the ones that do not apply to us and a few on which there are honest disagreements.
I'm sorry, Perry. I am not being paid to audit your insecure little operating system managed by nasty argumentative people.
Sigh. I was under the impression that most people around here are believers in the Open Source philosophy and would rather share information than hoard it. In any case, I hope that most people around here are more generous about trying to help each other out in improving system security. That's what BUGTRAQ is for, after all. Perry
Current thread:
- Microsoft Security Bulletin (MS98-008), (continued)
- Microsoft Security Bulletin (MS98-008) Aleph One (Jul 27)
- Fwd: Any user can panic OpenBSD machine Michael Fuhr (Jul 27)
- Re: Fwd: Any user can panic OpenBSD machine David Maxwell (Jul 27)
- Re: Fwd: Any user can panic OpenBSD machine Dag-Erling Coidan Smørgrav (Jul 27)
- Re: Fwd: Any user can panic OpenBSD machine Michael Fuhr (Jul 27)
- Re: Fwd: Any user can panic OpenBSD machine Angelos D. Keromytis (Jul 27)
- Re: Fwd: Any user can panic OpenBSD machine Perry E. Metzger (Jul 27)
- Re: Fwd: Any user can panic OpenBSD machine Theo de Raadt (Jul 28)
- Re: Fwd: Any user can panic OpenBSD machine Perry E. Metzger (Jul 28)
- Re: Fwd: Any user can panic OpenBSD machine Theo de Raadt (Jul 28)
- Re: Fwd: Any user can panic OpenBSD machine Perry E. Metzger (Jul 28)
- Re: Fwd: Any user can panic OpenBSD machine Alfred Huger (Jul 28)
- Re: Fwd: Any user can panic OpenBSD machine Perry E. Metzger (Jul 28)
- CERT Vendor-Initiated Bulletin VB-98.07 - OpenVMS.LOGINOUT (fwd) Phillip R. Jaenke (Jul 28)
- Re: Fwd: Any user can panic OpenBSD machine Timothy J Luoma (Jul 28)
- Re: Fwd: Any user can panic OpenBSD machine David Maxwell (Jul 28)
- Re: Fwd: Any user can panic OpenBSD machine Theo de Raadt (Jul 27)
- Re: Fwd: Any user can panic OpenBSD machine Kragen (Jul 28)
- Re: Fwd: Any user can panic OpenBSD machine Cy Schubert (Jul 28)
- Re: Fwd: Any user can panic OpenBSD machine Peter W (Jul 28)
- Re: Fwd: Any user can panic OpenBSD machine Kragen (Jul 28)