Date: Sat, 14 Oct 2006 10:12:11 +0200 From: Harald Muehlboeck <home@clef.at> To: freebsd security <freebsd-security@freebsd.org> Subject: Re: iDefense Security Advisory 10.10.06: FreeBSD ptrace PT_LWPINFO Denial of Service Vulnerability Message-ID: <86odsfmi3o.fsf@tuha.clef.at> In-Reply-To: <452C25A2.6080809@freebsd.org> (Colin Percival's message of "Tue, 10 Oct 2006 15:58:42 -0700") References: <20061010185141.ce3e7134.wmoran@collaborativefusion.com> <452C25A2.6080809@freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Colin Percival <cperciva@freebsd.org> writes: >> "The policy of the FreeBSD Security Team is that local denial of service >> bugs not be treated as security issues; it is possible that this problem >> will be corrected in a future Erratum." > > If there was any potential for > (a) privilege escalation, > (b) disclosure of potentially sensitive information, or > (c) denial of service by a non-authenticated attacker, > we would have issued a security advisory. I am missing this information on <http://www.freebsd.org/security/>. The site does not say wich bugs are treated as security issue and which are not. Perhaps these three points above can be added to the website.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?86odsfmi3o.fsf>