> True, but the point remains. Despite the fact that *BSD and Linux > are more often used on single-user workstations than large servers, > both OS's are gaining acceptance in the latter arena. As such, it > is wise to be aware of methods for local users to Do Bad Things (tm). Said the pot to the kettle. Go at it -- if you don't run OpenBSD, you have a couple hundred extra /tmp races to deal with. Does this sound like a change in topic? I don't think so. We have done tons to improve localhost security (races, protocols, not just buffer overflows like most other people fix). But there will always be crashes. Sorry. We Do What We Can. We really don't expect to be mauled to death when some little crash gets reported. > > Ob-BUGTRAQ-Posting: > > > > If you are logged into an NT box, you can type CTRL-ALT-DEL and take > > the system down. > > Ok, so NT is a bad example. :-) Such a post WRT Linux would be > equally stupid. However, we're talking about stuff *local users* can > do, not just someone who has access to the console. Sorry, but I must continue to disagree about the relevance of this entire issue to bugtraq. Question: What have you learned now that this crash report has turned into 20 bugtraq postings, half of them posted after a fix for the problem was available? Shall we have a similar discussion the next time we find a way to crash the system? Are these crashes really that much more interesting than completely new issues like www.openbsd.org/errata.html#fdalloc, which affect every single operating system, and yet did not get discussed on bugtraq?
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:09:17 PDT