Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Tue, 26 Feb 2013 23:29:10 -0700
From: Kurt Seifried <kseifried@...hat.com>
To: oss-security@...ts.openwall.com
CC: Yves-Alexis Perez <corsac@...ian.org>
Subject: Re: CVE request - Linux kernel: VFAT slab-based buffer
 overflow

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 02/26/2013 02:38 PM, Yves-Alexis Perez wrote:
> On mar., 2013-02-26 at 14:05 -0700, Kurt Seifried wrote:
>> The problem with security is you have to basically do it 100% 
>> correctly 100% of the time
> 
> You can also look at other, more proactives approaches (hardening
> the memory layout, enforcing W^X etc.). Even hardening userland
> might help here.

I was referring to security process, not security technology, sorry I
should have been more clear.

- -- 
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (GNU/Linux)

iQIcBAEBAgAGBQJRLae2AAoJEBYNRVNeJnmTFicP/R1mzoiCLtPWlwy9JEDJuYK6
/K1p7UD1CmxyFdP/tkNoDDjv9QSIqw4Savg0hD1nvpYR/Wm7nB4006dkDCNRZVXr
XcgwKRKMHbX6cDLRONOLrCgplAnq+QR5A8V3hqpnRyRLq/OFvbuQO9JaKkM8t4+u
J1tip7qgZyTFtC5E5h47L3DoCTnb7+r3xF77lnuXn3xRrH1zWogKS/1rhsGURH5Z
7lbITT5yjaOoKENZnllYGXBOcaadgnJ8j0TobTrPTLEUZJyjgB5Lh6KM9QFzQ4VZ
lrKwyfc0+vt72ATd1650c7GBvQKXQanWLsONmqx90Kx1JXXQK5ubTWzPAkO7BS8f
9P8BJT0vGrUIgBNvUKQipbiDVJqoLmcNmwdMTEJBN67Vti+H8UHI7WuM6XJrqvGX
oygDGsJGqcU2vsS0SPtM0scoA74zVLv3N8Z74iRcDytEJmcosUcxmMpDIQ25tWDc
CpFPKTGY/2ioBvZRIo/Q7Unbsxuh+QfmHqDy2uPg7ABnzpAo60Awof17mN3F/OcE
jXTui92H7ylfePok3jS9GML68LHM0Ajcy9LbENT22q7QtNSj7sXFAtQNjHYWOxBL
6dId7Zuk3TdVA9dtjirhkMXe+3ezTq98tyP5bXgBToImXRVf56b6ukcZtvhg0LrU
XO/mTbiIdJ8nhIz6jA67
=1I97
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.