Subject: Re: OpenSSH Priv Sep and Remote Exploit?
To: None <>
From: Greg A. Woods <>
List: tech-security
Date: 06/25/2002 15:17:55
[ On Tuesday, June 25, 2002 at 19:59:02 (+0200), Anonymous wrote: ]
> Subject: Re: OpenSSH Priv Sep and Remote Exploit?

Hmmm.... the only person I can think of who'd really need to hide behind
an anonymizer just to post a link to a discussion here is....  :-)

I agree with Theo though -- O'Conner really has stuck his foot in it!

This programmer, for one, has been far more careful with his publicly
available code for over a decade now.  I'm also absolutely certain I'm
not the only programmer with such lengthy experience (i.e. far longer
than this debate about "full disclosure") at being "forced" by the mere
threat of peer pressure alone to write better code!  ;-)

Unfortunately "better" is not good enough.  Unfortunately I don't yet
know how to write guaranteed perfect code, though there are some new
(and old) programming languages that can help, and even some that might
help without forcing us all to learn languages we don't already know
(eg. Cyclone for us C programmers).

								Greg A. Woods

+1 416 218-0098;  <>;  <>;  <>
Planix, Inc. <>; VE3TCP; Secrets of the Weird <>