On Wed, Nov 18, 2020 at 08:30:48PM +0100, Evan Rudford wrote: > I believe that Spectre and Meltdown are kind of orthogonal to many > other security threats. > Yes, I fully agree that Spectre and Meltdown need to be addressed, but > I still consider arbitrary buffer overflows in parsing libraries as > more dangerous than "typical" Spectre/Meltdown threats. You do realize that the kernel does very little parsing, and doesn't use any parsing libraries, right? In any cases, do you have a specific proposal you'd like to make? Or do you have something specific you'd be interested in doing, yourself, to help make things better? - Ted
