tech-pkg archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: Theo chiming in on strlcpy

On Sun, Dec 22, 2013 at 02:38:30AM +0100, Marc Espie wrote:
 > Okay, so you think some buffer overflows can be not dangerous ?

An overflow that arises if e.g. root puts 5KB of shellcode into
/etc/services is not a security issue, it's just a bug. Fix it and
move on.

 > Thank you, you just made my point much better than I could by myself.

Namely, that people concerned about real security issues shouldn't be
listening to you? :-)

David A. Holland

Home | Main Index | Thread Index | Old Index