Re: Flame Linus to a crisp!

From: Valdis.Kletnieks@vt.edu
Date: Thu Apr 24 2003 - 00:56:40 EST


On Thu, 24 Apr 2003 06:39:50 BST, viro@parcelfarce.linux.theplanet.co.uk said:

> Excuse me, but I don't get the last part. You know that
> F had been built in environment of unspecified degree of security
> from source that had been kept in <--->
> written by programmers you don't know
> who had been hired in conformance with criteria <--->
> and released after passing QA of unknown quality (but you can bet
> that they had missed some security holes in the past)
> under a license that almost certainly disclaims any responsibility.
>
> Care to explain how does one get from the trust in above to "trusted to run"?

On top of which, if a buffer overflow is found, the exploit will run in
the context of the signed program. What it *does* mean is that once the
ankle-biting script kiddie breaks in, the kernel will hopefully refuse to
run their unsigned exploits.





