It was Today when ilug-admin at linux.ie shared his opinions on [ILUG] Mozilla...
> Anyone else seen on /. that mozilla _currently_ intend to hide all their
> security bugs until they've fixed them...
>
it's pretty common practice, only developers will be able to fix these
bugs -- so only developers need know. Why do you need to know ? Since at
the same time they will be informing every script kiddie out there. I'm
pretty satisfied with the way they're handling this -- shows they have
some kind of clue when it comes to security. If you've ever taken a look
at rootshell.com or securityfocus.com you'll see that the hole is usually
passed to the vendor first and they're given a grace period. If they take
no action, it's their fault *then*.
> Anyone know who to contact about this, as it sounds remarkably like M$..
it would only be M$-like if they published the bugs and took no action,
(used to) happen quite a bit with IIS holes.
-Brian
brian at devfoo.net
"Are you a man or a corpse ?"
Maintained by the ILUG website team. The aim of Linux.ie is to
support and help commercial and private users of Linux in Ireland. You can
display ILUG news in your own webpages, read backend
information to find out how. Networking services kindly provided by HEAnet, server kindly donated by
Dell. Linux is a trademark of Linus Torvalds,
used with permission. No penguins were harmed in the production or maintenance
of this highly praised website. Looking for the
Indian Linux Users' Group? Try here. If you've read all this and aren't a lawyer: you should be!
