Subject: Re: OpenSSH Priv Sep and Remote Exploit?
To: Jason R Thorpe <>
From: Theo de Raadt <>
List: tech-security
Date: 06/27/2002 12:12:09
>  > You are so entirely out of touch with reality.  Less than 24 hours
>  > after we produce a patch, there will be a public exploit.  You'll see.
> This is why people generally go through channels like CERT to inform
> vendors of problems and allow them to make appropriate plans, before
> public disclosure of the problem.

Whereas I alerted the users to make appropriate plans, and gave the
vendors a solid workaround plan to follow.

Jason, you just don't want to admit you are wrong.