Search: Home Bugtraq Vulnerabilities Mailing Lists Jobs Tools Vista
How not to respond to a security advisory
Jason Miller, 2006-01-18

A recently announced weakness in the BSD securelevel system isn't going to be fixed in OpenBSD. While securelevel may have problems, the vendor's security response is unacceptable and doesn't fit with their stated goals.

Submit Comment Mode:
Name:
Subject:
Message:
 
  Enter the characters that appear above
 
Re: Theo being theo... 2006-01-20
Anonymous
But I don't see how this IS a security issue. If the attacker has root access, then you have bigger problems. If the attacker mounts another filesystem over an important immutable filesystem, then he will be working with privileges he ALREADY HAD on files which are NOT the immutable files. Temporari...

[ more ]  




 

Privacy Statement
Copyright 2008, SecurityFocus