How not to respond to a security advisory

How not to respond to a security advisory
Jason Miller, 2006-01-18

A recently announced weakness in the BSD securelevel system isn't going to be fixed in OpenBSD. While securelevel may have problems, the vendor's security response is unacceptable and doesn't fit with their stated goals.

Expand all | Post comment

How not to respond to a security advisory 2006-01-19
Miles (3 replies)

Fair enough point, but maybe first you should have asked Theo de Raadt why he has that opinion. That _may_ have shed some light on, as you say, not the actions of the OpenBSD team, but the comment he made.

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/columns/380/32964#32964

Re: How not to respond to a security advisory 2006-01-19
Dwight

Re: How not to respond to a security advisory 2006-01-19
Anonymous

Secure levels as a control is too coarse grained 2006-01-19
Anonymous (1 replies)

Re: Secure levels as a control is too coarse grained 2006-01-21
Anonymous

How not to respond to a security advisory 2006-01-19
Anonymous

How not to respond to a security advisory 2006-01-19
Anonymous (1 replies)

Re: How not to respond to a security advisory 2006-01-25
Matthew Murphy

How not to respond to a security advisory 2006-01-19
DS

How not to respond to a security advisory 2006-01-19
Anonymous (2 replies)

Re: How not to respond to a security advisory 2006-01-19
Kelly Martin

Re: How not to respond to a security advisory 2006-01-21
Anonymous

How not to respond to a security advisory 2006-01-19
Anonymous