Subject: Re: cvs commit: src/lib/libc/db/hash hash_buf.c
To: None <dyson@freebsd.org>
From: Poul-Henning Kamp <phk@critter.tfs.com>
List: tech-userlevel
Date: 10/19/1996 09:01:32
In message <199610190626.BAA02729@dyson.iquest.net>, "John S. Dyson" writes:
>>
>> Ah, yes. I've been watching this thread with some amount of amusement, as
>> have other OpenBSD developers.
>>
>> Yes, please back it out. I would rather have OpenBSD remain the most secure
>> version of UNIX that money can't buy.
>>
>
>Additionally, that "fix" was simply the wrong thing to do, and there are
>better ways to deal with the problem. If the zeroing the buffer in db
>was typical of the ways that others are "fixing" security, well... Sad... :-(
>.
"Have foot, will shoot" was what I read it as :-)
--
Poul-Henning Kamp | phk@FreeBSD.ORG FreeBSD Core-team.
http://www.freebsd.org/~phk | phk@login.dknet.dk Private mailbox.
whois: [PHK] | phk@ref.tfs.com TRW Financial Systems, Inc.
Future will arrive by its own means, progress not so.