[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: woody release task needs help: package priorities

On Tue, May 15, 2001 at 04:28:37PM +0200, Tollef Fog Heen wrote:
> You are assuming that talkd have buffer overflows, but you have no
> proof of it.  

Of course a reasonably paranoid person would assume that buffer
overflows exist and mitigate the risk as appropriate. Unless you can
*prove* that the software is secure (proof by assertion or proof by "it
hasn't happened yet" aren't) an assumption of security is unwarranted.

Mike Stone

Reply to: