Full Disclosure mailing list archives
Re: Re: SendGate: Sendmail Multiple Vulnerabilities (Race Condition DoS, Memory Jumps, Integer Overflow)
From: Gadi Evron <ge () linuxbox org>
Date: Sat, 25 Mar 2006 04:30:41 +0200
Theo de Raadt wrote:
After or before it hit the news? You may be able to alert vendors, but the problem with critical infrastructure is that is widely deployed around the world. Releasing the way you did is irresponsible.Taking our freely available software and creating a mono-culture is something that the administrators did. We don't get paid (or we don't get paid enough).
I see, so why don't you go work for commercial vendors? With that kind of security attitude I wonder why anybody believes OpenBSD is the most secure OS around.
Most arguments against open source in big organizations are that they have no backing, serious tech support, etc. That brought about a myriad of third-party companies which provide with this service.
I often find open source to be a lot more responsive than many commercial companies, but it's still done based on good will and free time. That doesn't scale well in the board room.
You better quit now as you are making a horrible attempt at protecting open source, which I strongly believe in.
If a commercial giant ***** up, or an open source product does, makes no difference to me. When people say: you can't comment unless you go and do on your own, move along. People will move along.
Sometimes I will ignore input from non-contributors,. but ignoring input, especially of the critical type, from your users makes you not suitable for these users or to grow and scale as something for the infrastructure.
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: Re: SendGate: Sendmail Multiple Vulnerabilities (Race Condition DoS, Memory Jumps, Integer Overflow), (continued)
- Re: Re: SendGate: Sendmail Multiple Vulnerabilities (Race Condition DoS, Memory Jumps, Integer Overflow) Blue Boar (Mar 23)
- Re: SendGate: Sendmail Multiple Vulnerabilities (Race Condition DoS, Memory Jumps, Integer Overflow) Gadi Evron (Mar 24)
- Re: Re: SendGate: Sendmail Multiple Vulnerabilities (Race Condition DoS, Memory Jumps, Integer Overflow) Tim (Mar 24)
- RE: SendGate: Sendmail Multiple Vulnerabilities (Race Condition DoS, Memory Jumps, Integer Overflow) Michael A Fusaro II (Mar 24)
- Re: Re: SendGate: Sendmail Multiple Vulnerabilities (Race Condition DoS, Memory Jumps, Integer Overflow) Anders B Jansson (Mar 24)
- Re: SendGate: Sendmail Multiple Vulnerabilities (Race Condition DoS, Memory Jumps, Integer Overflow) Casper . Dik (Mar 25)
- Re: SendGate: Sendmail Multiple Vulnerabilities (Race Condition DoS, Memory Jumps, Integer Overflow) Coleman Kane (Mar 27)
- Re: SendGate: Sendmail Multiple Vulnerabilities (Race Condition DoS, Memory Jumps, Integer Overflow) Eric Allman (Mar 24)
- Re: SendGate: Sendmail Multiple Vulnerabilities (Race Condition DoS, Memory Jumps, Integer Overflow) Gadi Evron (Mar 24)
- Re: SendGate: Sendmail Multiple Vulnerabilities (Race Condition DoS, Memory Jumps, Integer Overflow) Theo de Raadt (Mar 24)
- Re: Re: SendGate: Sendmail Multiple Vulnerabilities (Race Condition DoS, Memory Jumps, Integer Overflow) Gadi Evron (Mar 24)
- Re: Re: SendGate: Sendmail Multiple Vulnerabilities (Race Condition DoS, Memory Jumps, Integer Overflow) Randal T. Rioux (Mar 26)
- Re: SendGate: Sendmail Multiple Vulnerabilities (Race Condition DoS, Memory Jumps, Integer Overflow) Gadi Evron (Mar 24)
