> FYI, I filed bug #4199722 in Sun's bugs database. > I'd love it if someone did the "SPARC excercise". (If you have an > x86 exploit, it's not always as easy to maek a SPARC one) > Casper Sorry to waste bandwidth with snivelling... but it always seems to me that the "exercise for the reader" means "I don't know how to do it, perhaps someone else might do it," or worse in "I think this might be possible, but I'm really not able to prove it." Sometimes it's a bit annoying when people are talking about theoretical bugs/exploits and something is said like ``it should be possible to do blah or blah'' -- sure, it's possible that anything has a bug or an exploit, it's possible to break DES, and it's possible to blah to and blah, etc., but IMnsHO, it seems to do little good until someone is going to lose money over the situation. It's also interesting to note that it seems that the exercises for the reader from a long time ago are finally being turned into xploits or executable/provable examples which, in turn, seems to be leading to things getting fixed. It's as if there isn't proof or an exploit, the issue is simply ignored. It's amazing to see how many exploits are coming out for linux that are the same as exploits for other platforms from long ago, or ones that are based on things that should have been learned a long time ago. I think it's kind of a shame that each/an OS has to suffer this way while becoming popular and populous. Scott
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:26:22 PDT