Originally Posted by w5set
RH listening here??--uuhhh, yeah I would figure they do.
And reading Secunia--uhhh yeah, I would figure they even post info to that place.
But a "not critical" vulnerability ususlly rates kind of low in the "things to get done now" department.
Especially one that is "local user" based.
It will probably be quicker to just break a few fingers of your "local malicious users" then wait until the fix comes along--and much more sure to have the desired effect.
Well, I hate to say that this particular item being local user based I am not critically worried about it either.
But I am paranoid and think about links in the chain of security as much as the entire chain. Or in other words, if there is, say, another unpublished exploit to service x, this might create a new problem.
Then again, being paranoid, I never consider a computer connected to a network to be entirely secure.