oss-sec mailing list archives

Re: handling of Linux kernel vulnerabilities

From: Alton Moore <alton.moore () newcomlink com>
Date: Tue, 5 Mar 2013 21:38:40 -0600

I think this is a fairly meaningful discussion, not that I feel all thatqualified to speak to some of its particulars.

Everyone being well intentioned here, the question is how to put forwardthe least amount of effort (work) and get the most results (overallsecurity). When that issue gets hazy, it's often useful to fall backupon some fundamental tenets that we as computer guys usually believein. "Openness" springs to mind at the moment, although other similarlyrespected concepts might be equally applicable.

Not taking sides or anything; just suggesting that, all other thingsbeing equal, the most philosophically appealing course might turn out tobe the best one. Seems to work for physics. :-)


Regards,
Alton Moore

Current thread:

Re: handling of Linux kernel vulnerabilities (was: CVE request - Linux kernel: VFAT slab-based buffer overflow), (continued)
- - - Re: handling of Linux kernel vulnerabilities (was: CVE request - Linux kernel: VFAT slab-based buffer overflow) Solar Designer (Mar 03)
    - Re: handling of Linux kernel vulnerabilities (was: CVE request - Linux kernel: VFAT slab-based buffer overflow) Greg KH (Mar 03)
    - Re: handling of Linux kernel vulnerabilities (was: CVE request - Linux kernel: VFAT slab-based buffer overflow) Michael Gilbert (Mar 03)
    - Re: handling of Linux kernel vulnerabilities (was: CVE request - Linux kernel: VFAT slab-based buffer overflow) Greg KH (Mar 03)
    - Re: handling of Linux kernel vulnerabilities (was: CVE request - Linux kernel: VFAT slab-based buffer overflow) Eric Lacombe (Mar 04)
    - Re: handling of Linux kernel vulnerabilities (was: CVE request - Linux kernel: VFAT slab-based buffer overflow) Greg KH (Mar 04)
    - Re: handling of Linux kernel vulnerabilities Kurt Seifried (Mar 04)
    - Re: handling of Linux kernel vulnerabilities Solar Designer (Mar 04)
    - Re: handling of Linux kernel vulnerabilities Noel Butler (Mar 05)
    - Re: handling of Linux kernel vulnerabilities Solar Designer (Mar 05)
    - Re: handling of Linux kernel vulnerabilities Alton Moore (Mar 05)
    - Re: handling of Linux kernel vulnerabilities (was: CVE request - Linux kernel: VFAT slab-based buffer overflow) Eric Lacombe (Mar 05)
    - Re: handling of Linux kernel vulnerabilities Andreas Ericsson (Mar 04)
    - Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Yves-Alexis Perez (Feb 27)
    - Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Greg KH (Feb 27)
    - Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Jason A. Donenfeld (Feb 27)
    - Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Greg KH (Feb 27)
    - Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Jason A. Donenfeld (Feb 27)
    - Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Kurt Seifried (Feb 27)
    - Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Jiri Kosina (Feb 27)
    - Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Daniel Kahn Gillmor (Feb 27)

(Thread continues...)