nominate for removal: ethereal
Pekka Pietikainen
pp at ee.oulu.fi
Thu Jul 8 15:14:30 UTC 2004
On Thu, Jul 08, 2004 at 08:32:34AM -0600, Dax Kelson wrote:
> Yes. This is a shockingly bad nomination. :)
> > It seems like an excellent place to start thinking of packages that
> > should be maintained, in fedora extras, by the people interested in
> > using them, not by the central developers at red hat.
> Extremely useful tool that is useful for debugging an innumerable amount
> of problems. It has saved literally hundreds of hours for me personally.
> Making it less accessible (the network may be down when you need it
> after all) would be a travesty.
>
> Parsing externally controlled input is what it does, so it isn't
> surprising the security problems that result.
Yea, approx 600klines (cat packet*.c | wc -l) of packet parsing code in C
will always have problems no matter how much someone audits it.

Assuming we had a bounds-checking gcc/other similar things in the distro,
compiling it with one wouldn't be a bad idea either. It's one of those
packages where the performance hit vs. benefit would be worth it.
Sure we have exec-shield, prelink randomization etc., but it never
hurts to have extra levels of protection.

Having a (strict) SELinux policy for it might be a good thing btw. :-)
--
Pekka Pietikainen