Date: Fri, 3 Dec 1999 21:37:55 -0800 (PST) From: Kris Kennaway <kris@hub.freebsd.org> To: "Rodney W. Grimes" <freebsd@gndrsh.dnsmgr.net> Cc: tstromberg@rtci.com, freebsd-audit@FreeBSD.ORG Subject: Re: More binaries with overflows. (7) Message-ID: <Pine.BSF.4.21.9912032136050.21530-100000@hub.freebsd.org> In-Reply-To: <199912040532.VAA82253@gndrsh.dnsmgr.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, 3 Dec 1999, Rodney W. Grimes wrote: > > I haven't checked the others yet > > Good work Kris, but I have a point about your commits, I didn't see > any ``reviewed by's: for them and you've now hidden the old flaw from > one of the only automated tools we have for finding these types of > flaws :-( That's because the only fixes I've committed unreviewed have not been security-related, but simple bugs which crashed the program (an off-by-one error on a buffer, and some just plain wrong code). These were trivial enough that they don't require a review. > -audit related fixes should really be very carefuly eyeballed by a few > reviewers, too often in the past hasty patch work by even the best of > security programmers has related to harder to find security bugs. I agree. Kris To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.9912032136050.21530-100000>