https://bugzilla.wikimedia.org/show_bug.cgi?id=189
Roan Kattouw <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |[email protected] --- Comment #79 from Roan Kattouw <[email protected]> 2009-05-05 15:49:45 UTC --- (In reply to comment #78) > Aryeh: thank you for proving all my points. > > And I mean all of them. > > That very much includes the unwillingness to clarify with the LilyPond team > how > serious said DoS vector might be. > > I can -- and will -- not work that way. > How is Aryeh being unwilling here? He's pointed out what the DoS vector is (unlimited resource usage for evil input), and said to ask if anything needed clarification. The seriousness of the possibility of unlimited resource usage and the ease with which an attacker could craft input triggering that (by trying on their local LilyPond install first) seems to be pretty much proven to me. If you believe the DoS issue is no longer an issue (you seem to be suggesting this), please tell us (mentioning what was done to fix it, of course). -- Configure bugmail: https://bugzilla.wikimedia.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug. You are the assignee for the bug. _______________________________________________ Wikibugs-l mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/wikibugs-l
