In message <199610190626.BAA02729@dyson.iquest.net>, "John S. Dyson" writes:
>> 
>> Ah, yes.  I've been watching this thread with some amount of amusement, as
>> have other OpenBSD developers.
>> 
>> Yes, please back it out.  I would rather have OpenBSD remain the most secure
>> version of UNIX that money can't buy.
>> 
>
>Additionally, that "fix" was simply the wrong thing to do, and there are
>better ways to deal with the problem.  If the zeroing the buffer in db
>was typical of the ways that others are "fixing" security, well...  Sad... :-(
>.

"Have foot, will shoot" was what I read it as :-)

--
Poul-Henning Kamp           | phk@FreeBSD.ORG       FreeBSD Core-team.
http://www.freebsd.org/~phk | phk@login.dknet.dk    Private mailbox.
whois: [PHK]                | phk@ref.tfs.com       TRW Financial Systems, Inc.
Future will arrive by its own means, progress not so.