Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Sun, 16 Feb 2014 14:36:17 +0100
From: Helmut Grohne <helmut@...divi.de>
To: oss-security@...ts.openwall.com
Subject: Re: Re: Bug#738855: initscripts: Skip killing
 root-owned process starting with @

On Sun, Feb 16, 2014 at 12:10:43AM +0400, Solar Designer wrote:
> I reluctantly approved Petter's posting, although it was unclear if it
> was CC'ed to oss-security on purpose or accidentally.

It is common practise on bugs.d.o. to just reply to everyone. I should
have made clear that oss-sec should only be included for security
relevant aspects.

> FYI, the thread on oss-security started here:
> 
> http://www.openwall.com/lists/oss-security/2014/02/14/4
> 
> and you may see follow-ups (which were _not_ CC'ed to the Debian bug)
> via the "thread-next" link.
> 
> Dimitri, since you were the one to add the CC:, what would you like us
> to do?  So far, Petter's is the only such comment CC'ed to oss-security
> after yours, but I suspect that many more comments will be posted to the
> Debian bug later (since there's no consensus), and many may/would be
> CC'ed to oss-security without specific reason (OK, maybe my bringing the
> question up will affect this and it won't be happening).

As the one who moved this discussion to oss-sec, I intended only the
security implications of the approach chosen by systemd (and proposed
for initscripts) to be discussed here.

>From my POV, please block future messages to the bug discussing
implementation details from oss-sec. 

Helmut

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ