oss-sec mailing list archives
Re: USBCreator D-Bus service
From: Solar Designer <solar () openwall com>
Date: Thu, 23 Apr 2015 05:49:47 +0300
On Wed, Apr 22, 2015 at 05:50:35PM -0700, Tavis Ormandy wrote:
On Wednesday, April 22, 2015, Seth Arnold <seth.arnold () canonical com> wrote:We treat local root escalation vulnerabilities with a high priority[1].I wish you had spoken up during the previous discussion. It was my impression that embargoes for local privilege escalations were universally considered deprecated.
I think Kurt's comment (in the linux-distros discussion) on not needing further vulnerability reports embargoed applied solely to ABRT. I can see how this can appear as extending to any local root issues, for users who have ABRT installed and enabled. Kurt might want to clarify this. Alexander
Current thread:
- Re: USBCreator D-Bus service, (continued)
- Re: USBCreator D-Bus service Solar Designer (Apr 22)
- Re: USBCreator D-Bus service Tavis Ormandy (Apr 22)
- Re: USBCreator D-Bus service Solar Designer (Apr 22)
- Re: USBCreator D-Bus service Tavis Ormandy (Apr 22)
- Re: USBCreator D-Bus service Tavis Ormandy (Apr 22)
- Re: USBCreator D-Bus service Seth Arnold (Apr 22)
- Re: USBCreator D-Bus service Tavis Ormandy (Apr 22)
- Re: Re: USBCreator D-Bus service Seth Arnold (Apr 22)
- Re: Re: USBCreator D-Bus service Marc Deslauriers (Apr 22)
- Re: Re: USBCreator D-Bus service Tavis Ormandy (Apr 22)
- Re: Re: USBCreator D-Bus service Kurt Seifried (Apr 22)
- Re: USBCreator D-Bus service Solar Designer (Apr 22)
- Re: USBCreator D-Bus service Kurt Seifried (Apr 22)
- Re: USBCreator D-Bus service Grandma Eubanks (Apr 24)
- Re: USBCreator D-Bus service Solar Designer (Apr 22)