>the patch is pure c code. it took me 5 mins to read & understand >it. is very simple (but useful). >Simply that patch (apart from adding some logs, comments >and little code formatting) simply caches auth data >AND let * manage 403 responses from the server, >and this last one perhaps is the issue that >was overloading BV . > >so, just read it (or let someone do for it) and understand >that's not a problem :)
If you're joking, :).
If you're serious, go read a primer on security.
Do you patch your kernel the same way?
-Michael
I don't see a security issue with his method.
If you (a) read the entire patch and (b) comprehend fully everything that it does, then there's nothing to worry about. Fear comes from the unknown, and if you know everything in the patch, there's nothing to fear.
Understanding kernel patches requires a bit more legerdemain that other types since you're generally dealing at a very low level with hardware, filesystems, memory, etc, but the same applies. If you're the type that can read a kernel patch fully and comprehend it fully, there's no fear left for what's inside it.
-- Tom
_______________________________________________ Asterisk-Users mailing list [EMAIL PROTECTED] http://lists.digium.com/mailman/listinfo/asterisk-users To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
