|
From: | David Woolley |
Subject: | Re: lynx-dev Re: Sendmail, lynx, Netscape, sshd, Linux kernel (twice) |
Date: | Thu, 29 Oct 1998 08:56:50 +0000 (GMT) |
> It's only common courtesy to report these things to the developers before > a public list. > Lynx-dev is a public list. What many on lynx-dev may not realise is that what he is reporting are methods of taking control of the machine running Lynx from the web site. As such there is an argument that when you go public you hit as many people concerned with security as possible, otherwise there is a risk that the hackers hear the reports but the protectors don't. These are potentially serious security flaws, not just crashes in weird cases.
[Prev in Thread] | Current Thread | [Next in Thread] |