Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20150402180208.GD4456@example.net>
Date: Thu, 2 Apr 2015 20:02:08 +0200
From: u-wsnj@...ey.se
To: musl@...ts.openwall.com
Cc: busybox@...ybox.net
Subject: Re: Re: Busybox on musl is affected by CVE-2015-1817

On Thu, Apr 02, 2015 at 11:38:25AM -0400, Rich Felker wrote:
> > Unfortunately I can not really appreciate its beauty which appears to hide
> > the complexity and/or move it to other parties (like the dynamic linker
> > or the software maintenance infrastructure). Yes it "looks simple and
> > efficient" but is it, really?
> 
> It's not.

This was intended to be a rhetorical question
but a clear statement surely does not hurt.

> > Unfortunately even seasoned gurus easily create / fail to notice holes!
> > :(
> 
> I'd much rather eliminate the opportunity for the hole from the start.

Exactly. Honestly this is what I meant.

Rune

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.