CeDeROM
2016-Oct-26 09:22 UTC
FreeBSD Security Advisory FreeBSD-SA-16:15.sysarch [REVISED]
On Wed, Oct 26, 2016 at 8:53 AM, Robert N. M. Watson <rwatson at freebsd.org> wrote:> In general, my strong recommendation is against issuing advisories for local denial-of-service attacks, (..)I would prefer to get that information regardless of individual preferences.. SA tells there is a problem that is at least good to know about. -- CeDeROM, SQ7MHZ, http://www.tomek.cedro.info
Dag-Erling Smørgrav
2016-Oct-26 09:42 UTC
FreeBSD Security Advisory FreeBSD-SA-16:15.sysarch [REVISED]
CeDeROM <cederom at tlen.pl> writes:> Robert N. M. Watson <rwatson at freebsd.org> writes: > > In general, my strong recommendation is against issuing advisories > > for local denial-of-service attacks, (..) > I would prefer to get that information regardless of individual > preferences.It's not a matter of individual preference. During my time as so@ (and Simon's before me), this was an explicit policy. The reason is that, as Robert points out, there are a million ways for a trusted unprivileged user to cause a DoS, and most of them aren't even bugs. Some of them can be mitigated using quotas or resource limits, but far from all. DES -- Dag-Erling Sm?rgrav - des at des.no