This is the mail archive of the
mailing list for the GCC project.
Re: 3.2 PATCH: Ada parallel bootstrap fixes
- From: kenner at vlsi1 dot ultra dot nyu dot edu (Richard Kenner)
- To: fw at deneb dot enyo dot de
- Cc: gcc at gcc dot gnu dot org
- Date: Sat, 18 May 02 11:28:59 EDT
- Subject: Re: 3.2 PATCH: Ada parallel bootstrap fixes
There are also different, less grave security problems, for example
denial of service vulnerabilities or information leaks. Unauthorized
privilege escalation is just one security problem, but there are
Yes, but my point was that what all of these have in common is providing
a way for a user to have access they should not rightly have. In other
words, privilege escalation. The issue is getting the wrongly-obtained
privilege, not what one does wirh it.
Remember that similar problems have been fixed in C libraries years
ago. Should we really wait until Ada programms are bitten by the same
I haven't heard anybody suggest it's not a legitimate bug to be fixed.
The objection is that the implicit escalation of priority that results
from labelling it as a "security bug" is not justified.