From owner-freebsd-security  Fri Jan 21 15:35:56 2000
Delivered-To: freebsd-security@freebsd.org
Received: from critter.freebsd.dk (critter.freebsd.dk [212.242.40.131])
	by hub.freebsd.org (Postfix) with ESMTP id D1F0B15765
	for <security@FreeBSD.ORG>; Fri, 21 Jan 2000 15:35:36 -0800 (PST)
	(envelope-from phk@critter.freebsd.dk)
Received: from critter.freebsd.dk (localhost.freebsd.dk [127.0.0.1])
	by critter.freebsd.dk (8.9.3/8.9.3) with ESMTP id AAA07265;
	Sat, 22 Jan 2000 00:35:09 +0100 (CET)
	(envelope-from phk@critter.freebsd.dk)
To: Matthew Dillon <dillon@apollo.backplane.com>
Cc: Alfred Perlstein <bright@wintelcom.net>,
	Brett Glass <brett@lariat.org>, security@FreeBSD.ORG
Subject: Re: stream.c worst-case kernel paths 
In-reply-to: Your message of "Fri, 21 Jan 2000 15:31:10 PST."
             <200001212331.PAA64734@apollo.backplane.com> 
Date: Sat, 22 Jan 2000 00:35:09 +0100
Message-ID: <7263.948497709@critter.freebsd.dk>
From: Poul-Henning Kamp <phk@critter.freebsd.dk>
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

In message <200001212331.PAA64734@apollo.backplane.com>, Matthew Dillon writes:

>    Except that this will not fix anything.  You are saving yourself a small
>    amount of cpu -- not enough to matter, really, in an attack of this sort.
>    It may be worth doing this sort of patch after the release, but if the goal 
>    of the release is to fix bugs then the proper solution is to use the one that
>    we know already makes a difference - restricting the output path.

And you conveniently forgot to quote the one line of my email where I
said as much.

--
Poul-Henning Kamp             FreeBSD coreteam member
phk@FreeBSD.ORG               "Real hackers run -current on their laptop."
FreeBSD -- It will take a long time before progress goes too far!


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message