[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [SECURITY] [DSA-403-1] userland can access Linux kernel memory

on Wed, Dec 03, 2003 at 12:14:10AM +0100, Marcel Weber (mmweber@ncpro.com) wrote:
> Michael Stone wrote:

> Actually this is exactly what I meant: There are known risks and
> unknown risks. What we can avoid are in the first place the known
> risks. So the question is just if we want to take these KNOWN risks or
> not. A discovered bug with a known exploit is a much higher risk as
> one without any known exploit, of course. So I have to agree, that the
> first kind of risks are those that have to be avoided first. As you
> said, we have to make a triage unless we have the resources to do it
> perfect (which in reality never can be achieved).

    As we know
    There are known knowns.
    There are things we know we know.
    We also know
    There are known unknowns.
    That is to say, 
    We know there are some things
    We do not know.
    But there are also unknown unknowns,
    The ones we don't know
    We don't know.

      - Donald Rumsfeld, "The Unknown", Feb 12, 2002 DoD news briefing


Karsten M. Self <kmself@ix.netcom.com>        http://kmself.home.netcom.com/
 What Part of "Gestalt" don't you understand?
  Information is not power after all: Old-fashioned power is power. If you
  aren't big industry or government, you have very little power. Once they've
  hacked the electronic voting system, you'll have no power at all.
  - Robert X. Cringely

Attachment: pgpbU2Dqm3qKK.pgp
Description: PGP signature

Reply to: