[LINK] Re: Security Micro-HowTo vs. Adam's generalised Red Hatc
ritique
hartr@redhat.com
hartr@redhat.com
Wed, 16 Feb 2000 08:02:09 -0800 (PST)
On 14 Feb, Adam Todd wrote:
> Been there and done it all before. Sadly right now the vunerability is
> somewhat limited in general knowledge, last time I reported an vunerability
> to the Authors they laughed. Funny enough within 6 weeks the vunerability
> was exploited quite heavily (this is a few years back now) so I have a
> "TRUST" issue.
>
> In this instance I havea high level trust issue because the vunerability
> is in the kernel and not obvious. I found it by accident and it has worked
> on all Red Hat platforms I've ever come across since 1995.
Adam
1) Red Hat does not use it's own kernel - it uses the standard Linux
kernel. Thus if Red Hat is vulnerable, so is every single Linux
distribution that uses the Linux kernel.
I am astonished that a person who has the level of specialist
knowledge of OSs you have could suggest otherwise.
2) If you have information that relates to security of the Linux
kernel, I can personally guarantee that if you provide me with full
information it will be in the hands of the top level Linux kernel
developers within minutes of me reading it.
--
Robert Hart hartr@redhat.com
Director, Technical Alliances
Red Hat, Inc (California Office)
Phone: +1 650 967 0888
Fax: +1 650 965 7307