Steve Grubb wrote:
On Wednesday 15 August 2007 21:19:00 Steve Dickson wrote:
And yes, its conceivable the stack contents could create
a world writable setuid file which cannot ever be the intended operation.
The key word being "conceivable"... a hole that size would have been
found a long time ago...
This did in-fact happen in the wild and that's why its fixed this way. Its a
serious problem and it should be treated that way.
I'm not say is a problem that shouldn't be fixed... but I'm arguing that
killing process is not the appropriate way to deal with it... at least
right away.. make it a warning, which give developers a chance to fix
the problem and then, in the next OS release take a stronger stance...
steved.
--
Fedora-maintainers mailing list
Fedora-maintainers@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-maintainers
--
Fedora-maintainers-readonly mailing list
Fedora-maintainers-readonly@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-maintainers-readonly