Re: OT] Joerg Schilling flames Linux on his Blog

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Kyle Moffett <[email protected]> wrote:

> On May 25, 2005, at 09:15:33, Joerg Schilling wrote:
> > If Linux believes that there should be enhanced security similar to  
> > Solaris and
> > if Linux is a true open Source business, then I would expect that  
> > there is
> > cooperation. If I change things in e.g. mkisofs or cdrecord that  
> > could result
> > in problems for my "users", I send a notification mail to the  
> > XCDRoast & k3b
> > authors early enough.
>
> There was a security hole in the CD burner support.  The Linux Kernel  
> developers
> fixed it quickly.  They were not planning to wait 6 months for you to  
> get an
> updated version of cdrecord out the door in any case.  If you want more
> information on the Linux Kernel security policy, please see a recent  
> copy of the
> linux kernel for the file Documentation/SecurityBugs.  To quote the  
> relevant

Looks like you did not read the mail from me you were replying to.

The best way to fix a problem is to fix the problem and not to do something 
else and to change the interface.

The problem was that you could send SCSI commands on R/O fds and fixing the
problem would have been to forbid sending SCSI commands on R/O fds.

Jörg

-- 
 EMail:[email protected] (home) Jörg Schilling D-13353 Berlin
       [email protected]		(uni)  
       [email protected]	(work) Blog: http://schily.blogspot.com/
 URL:  http://cdrecord.berlios.de/old/private/ ftp://ftp.berlios.de/pub/schily
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

[Index of Archives]     [Kernel Newbies]     [Netfilter]     [Bugtraq]     [Photo]     [Stuff]     [Gimp]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Video 4 Linux]     [Linux for the blind]     [Linux Resources]
  Powered by Linux