[prev in list] [next in list] [prev in thread] [next in thread] 

List:       full-disclosure
Subject:    Re: [Full-Disclosure] THREATCON HITTING DANGEROUS LEVELS!
From:       Charles Stevenson <core () bokeoa ! com>
Date:       2002-09-30 21:33:41
[Download RAW message or body]

Dave, all,

Dave Wilson wrote:
 > How about not misusing exec()?  'course not, let's patch our kernels to
 > stop idiots from using exec()!!

Yeah really let's add thousands of lines of broken code to fix a problem 
that never existed. Just like all these bullshit lkms and other lame 
excuses for security software that reinvent the wheel. Every kernel 
since 2.2.13 has had support for Linux Capabilities. This is native to 
the OS people. USE IT! For fucks sake. I can secure a box with one 
command line. Not that it'd be useable to much extent if I turned all 
capabilities off but I'm just pointing out that so many of you are so 
fucking lazy and unwilling to read the fucking MANUAL that you go off 
and create some half assed forked software abstraction that micromanages 
the OS. Is this not counterintuitive? Hey let's have software make sure 
the OS is not getting hacked. Bahahaha. If you people are running grsec, 
st. michael, st. jude, yet another st. lkm I seriously think you ought 
to laugh real hard at yourself for not really looking into how to secure 
your OS with it's native features. RTFM!!! FFS!!! FOAD!!!! (That's: Read 
the fucking manual (type man;), for fucks sake!!! Fuck off and die!). 
But you know I still love you all.

peace,
core


-- 
   Charles Stevenson (core) <core@bokeoa.com>
   Lab Assistant, College of Eastern Utah San Juan Campus
   http://www.bokeoa.com/~core/core.asc


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
[prev in list] [next in list] [prev in thread] [next in thread]