On Sat, 03 Nov 2001 21:23:55 +0900
Keith Hopkins
Greetings to those at linuxsecurity.com,
In regards to http://www.linuxsecurity.com/advisories/suse_advisory-1680.html, there is a note that read.... <<QUOTE>> The information about this problem was withheld from the public in coordination with other Linux vendors/distributors in order to give the distributors enough time to update their kernel packages. We find that this coordination is beneficial for the community, while we regret that the bug could not be fixed in time before the other distributor's kernel updates. <<ENDQUOTE>>
How dare you. I consider this to be a great disservice to the Linux community. Linux is not about the vendors/distributors. They are not the only ones out there with interests in security problems being fixed. By withholding information, you take away untold number of eyes that could be looking at the problem. Some of those eyes may even be better equipped to handle the problems than the vendors/distributors themselves, and can do so in a more timely fashion. You have produced an unnecessary window of opportunity for malicious attacks against unprotected systems. I do not believe the Linux community needs support from, or should support, those who would withhold valuable information from them. Please do not repeat this type of attitude and behavior.
Regards, Keith Hopkins
P.S. To all those reading this on a mailing list, I urge you to respond directly to info@linuxsecurity.com with your opinion.
<flame> You sir are an idiot. What we are talking about here is a pretty major bug in the Linux kernel. Linux is now a mainstream product that is used comercially in many major organisations. SuSE have done the responsible thing by giving the other comercial distributions a limited window in which to bring their distros up to date. If YOU were a programmer/exploit developer and had found this bug yourself, you would be free to release this information to the general public first without giving the linux developers time to develop a fix. As it is, from a google search I can find no useful contribution from you regarding anything, not even help to someone else on a mailing list. Please go back into your corner, sit down and shut up. Feel free to speak again when you have something productive to offer </flame> Not enought coffee today ... -- Viel Spaß Nix - nix@susesecurity.com http://www.susesecurity.com