Subject: Re: *READ THIS* snapshot fixes security hole *READ THIS*
To: David Carrel <firstname.lastname@example.org>
From: Ted Lemon <email@example.com>
Date: 08/29/1995 20:32:41
> If you have patches for a bug or can point out a "real" vulnerability
> that's new, then send them in. But I keep hearing too many people saying
> they're going to be cool, cuz they're about to do something. Posers!
I don't entirely disagree with this, but I would like to point out
that installing the patch in all effected binaries will ensure that
no unaudited server running as root will let a cracker in through this
particular syslog bug. Going through each program trying to figure
out whether it's vulnerable to this avenue of attack would be a
complete waste of time.
I won't call you a poser, though - I'm sure you meant well... :')