[LINK] Re: Security Micro-HowTo vs. Adam's generalised Red Hatc
Wed, 16 Feb 2000 08:02:09 -0800 (PST)
On 14 Feb, Adam Todd wrote:
> Been there and done it all before. Sadly right now the vunerability is
> somewhat limited in general knowledge, last time I reported an vunerability
> to the Authors they laughed. Funny enough within 6 weeks the vunerability
> was exploited quite heavily (this is a few years back now) so I have a
> "TRUST" issue.
> In this instance I havea high level trust issue because the vunerability
> is in the kernel and not obvious. I found it by accident and it has worked
> on all Red Hat platforms I've ever come across since 1995.
1) Red Hat does not use it's own kernel - it uses the standard Linux
kernel. Thus if Red Hat is vulnerable, so is every single Linux
distribution that uses the Linux kernel.
I am astonished that a person who has the level of specialist
knowledge of OSs you have could suggest otherwise.
2) If you have information that relates to security of the Linux
kernel, I can personally guarantee that if you provide me with full
information it will be in the hands of the top level Linux kernel
developers within minutes of me reading it.
Robert Hart email@example.com
Director, Technical Alliances
Red Hat, Inc (California Office)
Phone: +1 650 967 0888
Fax: +1 650 965 7307