Re: Bad press again...
- To: Paul Gear <email@example.com>
- Cc: firstname.lastname@example.org
- Subject: Re: Bad press again...
- From: Florian Weimer <email@example.com>
- Date: Thu, 01 Sep 2005 09:51:38 +0200
- Message-id: <[🔎] firstname.lastname@example.org>
- In-reply-to: <email@example.com> (Paul Gear's message of "Thu, 01 Sep 2005 07:09:26 +1000")
- References: <firstname.lastname@example.org> <Pine.LNX.3.96.1050828042459.22363A-100000@Maggie.Linux-Consulting.com> <email@example.com> <20050828234607.GB14921@mathom.us> <firstname.lastname@example.org> <20050829212638.GG14921@mathom.us> <email@example.com> <firstname.lastname@example.org> <email@example.com> <firstname.lastname@example.org>
* Paul Gear:
> It makes perfect sense to me... All it's saying is that IP-to-MAC
> mappings are cached in the 'Recent' set for each interface for
> $MACLIST_TTL seconds without requiring them to be passed through the MAC
> filter for every packet.
The problem is this sentence: "Subsequent connection attempts from
that IP address occurring within $MACLIST_TTL seconds will be accepted
without having to scan all of the entries.". What does "accepted"
mean in this context? Accepted without further checks?
Of course, the intent was that only MAC list checks are skipped. But
the same developer who implemented the maclist feature probably wrote
that documentation, and missed the crucial RETURN/ACCEPT distinction.
> "Not documented at all" is not a phrase i've *ever* heard used about
The syntax is documented, but not the semantics. 8-)
> What you do in your lab is up to you, but isn't that a bit of a waste of
> time when Lorenzo has already done it?
The guidelines in the Developer's Reference suggest that the
communication with the security team is not archived in the relevant
bug report, even if the bug itself is public. So I didn't know about
> He just told me that he sent the results of his testing to the
> security team in his original request for a DSA.
Yes, in the meantime, I've been told that, too.