Date: Mon, 14 Mar 2011 09:44:10 -0400 From: Steve Grubb <sgrubb@...hat.com> To: oss-security@...ts.openwall.com Cc: Dan Rosenberg <dan.j.rosenberg@...il.com>, Stephan Mueller <stephan.mueller@...ec.com>, Vasiliy Kulikov <segoon@...nwall.com> Subject: Re: Untrusted fs and invalid filenames On Monday, March 14, 2011 08:56:45 am Dan Rosenberg wrote: > As I see it, there are > four scenarios where this might matter: What about repudiation? 5. Attacker constructs drive image such that an unexpected access of a file is made and recorded by the audit system showing someone else doing it. Consider remote logging and the attacker having no way to erase access. -Steve
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.