-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [It's just a panic] I was so transfixed on Josh stating that the attacker could as well just mount a filesystem with suid root binaries and how that would be more useful than a buffer overflow in the filesystem driver. I totally missed the fact that we were talking about two bugs where the kernel deliberately called panic() ;).
So in this case I'd agree that the panic() is undesirable, but not really a security issue. Lutz -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (FreeBSD) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFFZ2L5DbEkl9DbWrYRAus0AJwPEkX240mVIWme//LzHw210kUzKQCffFv1 6KGhWX9L0kzuMxk+JR+GyCg= =RSll -----END PGP SIGNATURE----- _______________________________________________ freebsd-security@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "[EMAIL PROTECTED]"
