Re: Bug report on nfs-common: nfsidmap crashes with exit status 139
Hi Ben,
On Wed, Jun 26, 2013 at 9:40 PM, Ben Hutchings <ben@decadent.org.uk> wrote:
> It's a bit late for that, as you sent mail to a public mailing list.
As I mentioned in the debian-devel thread, I realize only now that
many emails (about 20% in our case), that are listed as package
maintainers, are public mailing lists. That's unfortunate, but
hopefully most reported bugs will not be security critical.
> There does not seem to be any way to make the kernel invoke nfsidmap
> with an invalid option as used in the test case, and I don't see any
> reason for a user to invoke it directly with untrusted input. So I
> don't think there is any security issue here.
That's a good point, and it looks like a majority of the crashes have
little security implications. The security tags will be removed before
submitting the report, unless advised otherwise by the package
maintainers.
Thanks,
Alex
Reply to: