Subject: Re: *READ THIS* snapshot fixes security hole *READ THIS*
To: None <current-users@NetBSD.ORG>
From: David Carrel <firstname.lastname@example.org>
Date: 08/29/1995 16:51:06
Just because a program uses syslog() does not mean it's unsafe. The
vulnerability comes when the program allows user-specified data to be
passed to syslog(). Let's not get caught up in the hype.
If you have patches for a bug or can point out a "real" vulnerability
that's new, then send them in. But I keep hearing too many people saying
they're going to be cool, cuz they're about to do something. Posers!