LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 23, 2013

An "enum" for Python 3

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Denial of reality vulnerabilities

Denial of reality vulnerabilities

Posted Jul 13, 2006 20:16 UTC (Thu) by giraffedata (subscriber, #1954)
Parent article: Denial of reality vulnerabilities

This editorial seems to be arguing with somebody, but whom?

I assume the descriptions of the bug as a DOS are just errors. If the author had realized there's a way to exploit it to get privilege escalation, he would have written it up that way. Is someone still claiming the original description is appropriate?

If it's just an editorial against making mistakes, there's not much point -- it's preaching to the converted.

(Log in to post comments)

Denial of reality vulnerabilities

Posted Jul 20, 2006 8:08 UTC (Thu) by Wol (guest, #4433) [Link]

If the author HADN'T realised, then he clearly hadn't read the initial advisories, and shouldn't have been writing the official advisory.

mjcox said the first announcement on the private security mailing list described it as a privilege escalation problem.

Cheers,
Wol

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds