Re: Security release criterion proposal

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Wed, 2011-05-18 at 19:14 +0200, J B wrote:
> Hi,
> 
> > I don't know if anyone
> > would want to go as far as making DoS vulns release blocking, but speak
> > up if you would! (Of course there is again the local/remote distinction
> > to consider there: 'all DoS vulns' would be a much tighter standard than
> > 'remote DoS vulns').
> 
> I think the "use of a live image shipped with the release" scenario is
> worth rethinking due to the following:
> 
>    you talk about a *local* DoS - that's technically true.
> But you know it can be triggered remotely e.g. if you are exposed to
> Internet (nowadays almost everybody is), and the attacker knows the nature
> of vulnerability, and what OS area can be hit to do the maximum damage
> (the price can be very attractive - e.g. the issue raised today by me regarding
> /run/user and /dev/shm and systemd, which is perhaps the most important
> system program after kernel itself).
> So, even a local DoS could qualify for a security blocker.

Um, to my understanding, your reasoning is flawed. The definition of a
'local' vulnerability is one which requires console access to exploit.
What you're talking about would not be possible with a 'local exploit',
as the term is usually understood; these can't be exploited by a remote
attacker even if you're 'exposed to Internet'. As far as I'm aware,
the /dev/shm DoS cannot be exploited by a remote attacker.
-- 
Adam Williamson
Fedora QA Community Monkey
IRC: adamw | Fedora Talk: adamwill AT fedoraproject DOT org
http://www.happyassassin.net

-- 
test mailing list
test@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe: 
https://admin.fedoraproject.org/mailman/listinfo/test


[Index of Archives]     [Fedora Desktop]     [Fedora SELinux]     [Photo Sharing]     [Yosemite Forum]     [KDE Users]

  Powered by Linux