Date: Sat, 14 Oct 2006 10:12:11 +0200 From: Harald Muehlboeck <home@clef.at> To: freebsd security <freebsd-security@freebsd.org> Subject: Re: iDefense Security Advisory 10.10.06: FreeBSD ptrace PT_LWPINFO Denial of Service Vulnerability Message-ID: <86odsfmi3o.fsf@tuha.clef.at> In-Reply-To: <452C25A2.6080809@freebsd.org> (Colin Percival's message of "Tue, 10 Oct 2006 15:58:42 -0700") References: <20061010185141.ce3e7134.wmoran@collaborativefusion.com> <452C25A2.6080809@freebsd.org>
index | next in thread | previous in thread | raw e-mail
Colin Percival <cperciva@freebsd.org> writes: >> "The policy of the FreeBSD Security Team is that local denial of service >> bugs not be treated as security issues; it is possible that this problem >> will be corrected in a future Erratum." > > If there was any potential for > (a) privilege escalation, > (b) disclosure of potentially sensitive information, or > (c) denial of service by a non-authenticated attacker, > we would have issued a security advisory. I am missing this information on <http://www.freebsd.org/security/>. The site does not say wich bugs are treated as security issue and which are not. Perhaps these three points above can be added to the website.home | help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?86odsfmi3o.fsf>