Subject: Re: kern/26468: unprivileged user can cause repeatable kernel panic
To: None <netbsd-bugs@NetBSD.org>
From: None <firstname.lastname@example.org>
Date: 07/30/2004 12:01:06
Content-Type: text/plain; charset=us-ascii
Pavel Cahyna wrote:
> Isn't it funny that a confidential bug report was sent to a public
> mailing list?
Not really but it's also pretty naive to send something considered being
confidential in an unencrypted mail. This bug/problem (or whatever it is)
has been known for a long while and reported several times. Just use
Google groups and search for "confidential: yes" "netbsd" to find a whole
bunch of such PRs. There's an open PR for it. However, I think the
"Confidential" tag should simply be removed and replaced with a comment to
send such PRs encrypted to the security officer instead.
BTW, I don't think bugs concerning only -current should ever be considered
"confidential". Either you're prepared for the apocalypse or you use a
stable release - JMHO.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (NetBSD)
-----END PGP SIGNATURE-----