Mailinglist Archive: opensuse-security (195 mails)

< Previous Next >
Re: [suse-security] SuSE Security Announcement - make-3.77
  • From: "Peter Folk" <pfolk@xxxxxxxxxxxx>
  • Date: Wed, 01 Mar 2000 16:29:47 PST
  • Message-id: <200003020028.QAA16787@xxxxxxxxxxxxxxx>

rabbi@xxxxxxxxxxx wrote:
>Bruce Schneier has a very good piece about this. In it he condems
>publishing exploits, and *demands* that those who find exploits give the
>vendors ample time (not just a few days) to fix the hole.

Fine. Then let's have two announcements:

A hole has been discovered in X which allows [basic description of
the security violations]. Please disable it until a patch is available.

and the standard one, with an in-depth description of the problem and
patches (and expoits if you aren't idiologically opposed to them).

If all the locks are broken, it would be wise to tell those living in
the subdivision to stand guard with a shotgun until the lock can be fixed.

Pete

< Previous Next >
List Navigation