[ Date Prev ][ Date Next ][ Thread Prev ][ Thread Next ][ Date Index ][ Thread Index ]

Re: PROPOSAL: Cluster 20 - DESIGN (27 candidates)

To : dac@zurich.ibm.com
Subject : Re: PROPOSAL: Cluster 20 - DESIGN (27 candidates)
From : Gene Spafford < spaf@cs.purdue.edu >
Date : Wed, 21 Jul 1999 09:26:37 -0500
Cc : "Steven M. Christey" < coley@linus.mitre.org >, cve-editorial-board-list@lists.mitre.org
In-Reply-To : <C12567B5.002F113A.00@d12mta01.de.ibm.com>
References : <C12567B5.002F113A.00@d12mta01.de.ibm.com>
Reply-To : spaf@cs.purdue.edu

At 10:33 AM +0200 7/21/99, dac@zurich.ibm.com wrote:
>hmm ... let me follow up.
>I like your 'rule of thumb', but it needs some refinement, IMHO.

I agree, but I think the idea is sound.

For instance, with .forward.

The fact that it can execute a program to list my whereabouts is a
feature that I may use (and in fact, have used).     The fact that
the feature is not necessarily known to system admins, and would
violate *some* policies is not reason to be listed in the CVE.  If we
start doing that, then we need to document every misunderstanding and
unclear concept out there -- and Unix or NT alone would generate a
few thousand!

--spaf

Follow-Ups :
- Re: PROPOSAL: Cluster 20 - DESIGN (27 candidates)
  - From: Aleph One <aleph1@underground.org>

Prev by Date: Re: PROPOSAL: Cluster 20 - DESIGN (27 candidates)
Next by Date: Re: PROPOSAL: Cluster 20 - DESIGN (27 candidates)
Prev by thread: Re: PROPOSAL: Cluster 20 - DESIGN (27 candidates)
Next by thread: Re: PROPOSAL: Cluster 20 - DESIGN (27 candidates)
Index(es):
- Date
- Thread

Page Last Updated or Reviewed: May 22, 2007

Site Map | Terms of Use | Privacy Policy | Contact Us | Follow CVE

Use of the CVE^™ List and the associated references from this website are subject to the terms of use . CVE is sponsored by the U.S. Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA). Copyright © 1999–2021, The MITRE Corporation . CVE is a registered trademark and the CVE logo is a trademark of The MITRE Corporation.