Re: PATCH: cdrecord: avoiding scsi device numbering for ide devices

[Valdis . Kletnieks]

On Fri, 20 Aug 2004 21:28:56 +0200, Martin Schlemmer said:
> On Fri, 2004-08-20 at 15:41, Joerg Schilling wrote:
> > Unless you tell us what kind of "security holes" you found _and_ when this has
> > been, it looks like a meaningless remark.

> But this is the same kind of remarks you make - statements without
> proof (the ones you also did not explain, and explicitly refuse to
> explain or give a pointer to) - so I assume we should also consider
> them as meaningless ?

The difference is that Alan Cox has enough reputation that if he handwaves and
says something opaque about thinking that R/O permissions is enough to stop
something, the obvious explanations (in order of likelyhood) are:

1) He's found an actual hole, and is being intentionally obtuse until the patch
appears in the tree. (I've certainly seen *that* happen often enough, and I'm
not even what would be called an old-timer around here)..

2) It's something actually obvious, and his remark only appears opaque because
I'm an idiot and don't get it (that's been known to happen fairly often as
well).

3) He's actually full of it (much less likely than either of the first two)...

Attachment: pgp00000.pgp
Description: PGP signature