Re: [SECURITY] [DSA 644-1] New chbg packages fix arbitrary code execution

To: debian-security@lists.debian.org
Subject: Re: [SECURITY] [DSA 644-1] New chbg packages fix arbitrary code execution
From: Rick Moen <rick@linuxmafia.com>
Date: Wed, 19 Jan 2005 00:19:17 -0800
Message-id: <[🔎] 20050119081917.GJ3376@linuxmafia.com>
Mail-followup-to: debian-security@lists.debian.org
In-reply-to: <[🔎] 20050119050738.GA1948@infidel.spots.ab.ca>
References: <m1CqprA-000omSC@finlandia.Infodrom.North.DE> <[🔎] 41EDD095.5218B68F@patriot.net> <[🔎] 20050119022735.GA728@infidel.spots.ab.ca> <[🔎] 41EDCDC8.3090507@eth0.is-a-geek.org> <[🔎] 20050119030640.GG3376@linuxmafia.com> <[🔎] 20050119042842.GD1479@infidel.spots.ab.ca> <[🔎] 20050119043450.GI3376@linuxmafia.com> <[🔎] 20050119050738.GA1948@infidel.spots.ab.ca>

Quoting s. keeling (keeling@spots.ab.ca):

> The problem here is the nitwit factor.

Yes, well, a bunch of us have been keeping an eye on Linux MUAs and
default mailcap behaviour for 10+ years, to make sure zeal for
simplicity doesn't lead coders or distro assemblers to do something
dumb.  Thus my question of the other poster.

I wasn't going to hold my breath waiting for a qualifying, valid
response of the "Why certainly; please have a look at this" variety, 
but much can happen in a wide universe.  At that point, appropriate
cluebats get deployed, etc.

> I say again to the original poster, get a better MUA, running on a
> better OS.

Quite.

-- 
Cheers,                                      Hardware:  The part you kick.
Rick Moen                                    Software:  The part you boot.
rick@linuxmafia.com

Reply to:

References:
- Re: [SECURITY] [DSA 644-1] New chbg packages fix arbitrary code execution
  - From: Moe <moel@patriot.net>
- Re: [SECURITY] [DSA 644-1] New chbg packages fix arbitrary code execution
  - From: "s. keeling" <keeling@spots.ab.ca>
- Re: [SECURITY] [DSA 644-1] New chbg packages fix arbitrary code execution
  - From: David Mandelberg <mandelbergd@eth0.is-a-geek.org>
- Re: [SECURITY] [DSA 644-1] New chbg packages fix arbitrary code execution
  - From: Rick Moen <rick@linuxmafia.com>
- Re: [SECURITY] [DSA 644-1] New chbg packages fix arbitrary code execution
  - From: "s. keeling" <keeling@spots.ab.ca>
- Re: [SECURITY] [DSA 644-1] New chbg packages fix arbitrary code execution
  - From: Rick Moen <rick@linuxmafia.com>
- Re: [SECURITY] [DSA 644-1] New chbg packages fix arbitrary code execution
  - From: "s. keeling" <keeling@spots.ab.ca>

Prev by Date: Re: [SECURITY] [DSA 644-1] New chbg packages fix arbitrary code execution
Next by Date: Re: [meta] Set reply-to to something else?
Previous by thread: Re: [SECURITY] [DSA 644-1] New chbg packages fix arbitrary code execution
Next by thread: Re: [SECURITY] [DSA 644-1] New chbg packages fix arbitrary code execution
Index(es):
- Date
- Thread