[NBLUG/talk] reporting a bug in a major distro

error error at sonic.net
Sat Aug 23 22:01:01 PDT 2003


On Sat, 2003-08-23 at 21:55, Jeremy Turner wrote:
> On Sat, 2003-08-23 at 21:38, error wrote:
> > What if I told you that I had found a huge bug in a major distro.
> 
> The beauty of open source is you know the email of the author.  You can
> send an email detailing the exact sequence and how you and root the
> boxen.
> 
> If it indeed is a major security hole, the authors could make the
> necessary changes (unless you included a patch to fix it) and push out
> changes to the various distributions.

I am more looking for what you would do.

Would you report it to that email?
Would you take it to full disclosure or bugtraq and cc them?

Would you package a set of tools to exploit it? ;-p

-- 
error <error at sonic.net>




More information about the talk mailing list