Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Sun, 16 Feb 2014 14:36:17 +0100
From: Helmut Grohne <helmut@...divi.de>
To: oss-security@...ts.openwall.com
Subject: Re: Re: Bug#738855: initscripts: Skip killing
 root-owned process starting with @

On Sun, Feb 16, 2014 at 12:10:43AM +0400, Solar Designer wrote:
> I reluctantly approved Petter's posting, although it was unclear if it
> was CC'ed to oss-security on purpose or accidentally.

It is common practise on bugs.d.o. to just reply to everyone. I should
have made clear that oss-sec should only be included for security
relevant aspects.

> FYI, the thread on oss-security started here:
> 
> http://www.openwall.com/lists/oss-security/2014/02/14/4
> 
> and you may see follow-ups (which were _not_ CC'ed to the Debian bug)
> via the "thread-next" link.
> 
> Dimitri, since you were the one to add the CC:, what would you like us
> to do?  So far, Petter's is the only such comment CC'ed to oss-security
> after yours, but I suspect that many more comments will be posted to the
> Debian bug later (since there's no consensus), and many may/would be
> CC'ed to oss-security without specific reason (OK, maybe my bringing the
> question up will affect this and it won't be happening).

As the one who moved this discussion to oss-sec, I intended only the
security implications of the approach chosen by systemd (and proposed
for initscripts) to be discussed here.

>From my POV, please block future messages to the bug discussing
implementation details from oss-sec. 

Helmut

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.