Subject: Re: kern/26468: unprivileged user can cause repeatable kernel panic
To: None <>
From: None <>
List: netbsd-bugs
Date: 07/30/2004 12:01:06
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

Pavel Cahyna wrote:
> Isn't it funny that a confidential bug report was sent to a public
> mailing list?

Not really but it's also pretty naive to send something considered being
confidential in an unencrypted mail. This bug/problem (or whatever it is)
has been known for a long while and reported several times. Just use
Google groups and search for "confidential: yes" "netbsd" to find a whole
bunch of such PRs. There's an open PR for it. However, I think the
"Confidential" tag should simply be removed and replaced with a comment to
send such PRs encrypted to the security officer instead.
BTW, I don't think bugs concerning only -current should ever be considered
"confidential". Either you're prepared for the apocalypse or you use a
stable release - JMHO.


Content-Type: application/pgp-signature
Content-Disposition: inline

Version: GnuPG v1.2.4 (NetBSD)