On Jan 2, 2008 11:31 PM, Tomasz Kojm <[EMAIL PROTECTED]> wrote: > I don't negate your points about O_EXCL etc. I don't negate the thesis in > the subject either :-) What I really negate is the FUD you're making with your > disclosures, some technical details, and the general pointless of making > a storm in a teacup around issues which should be rather treated as regular > bugs because their security significance is close to 0.
Lol, wut FUD? YOU are the one that spreads misleading information, due to your failure to understand the implications of a number of security issues which you deny or dismiss as insignificant. And exactly those programs that are written by the ignorant kind of people like you are the ones that get exploited. Or is your denial simply the result of the personal hurt because all types of security groups pwn teh shit out of ClamAV? Better be happy that at least somebody audits your code, or take the next step: rigorously audit the code by yourself. Regards, Rofl as in Lek _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://lurker.clamav.net/list/clamav-users.html
