Tone and correctness
Posted Jan 8, 2005 17:08 UTC (Sat) by kleptog
In reply to: Tone and correctness
Parent article: grsecurity 2.1.0 and kernel vulnerabilities
Fascinating, I'd never noticed this part of the standard before but some tests on my machine here reveal you are correct, at least on the version I'm testing (gcc 3.3.2). Any comparisons with unsigned turns both sides unsigned and sizeof() returns unsigned.
While I sympathise with the guy, there are a number of things he could have done better. For example, including "[SECURITY]" in the subject of the emails might have been a start. The subject as given means nothing to me. I would not be surprised if the emails simply vanished in the bit bucket. Sending to Alan or Linus directly if they don't know you is a dead end.
Sending it to any of the other security teams, security focus, redhat, debian, whoever would probably have got the message somewhere where people know the right channels to use.
to post comments)