RE: [ILUG] openssh vulnerability

From: Aidan Kehoe (kehoea at domain parhasard.net)
Date: Tue 25 Jun 2002 - 17:45:08 IST


On the 25th day of month 6, Paul Jakma wrote:

> that'd be where the gist of message is: "no one gets advance notice of
> the actual bug, but hey our new privsep code is cool everyone on
> should upgrade to it"

Once details of the bug are released to bugtraq, attempts to exploit
the bug will increase exponentially. Advising that a bug exists and
enabling privsep will prevent an exploit is the responsible thing to
do, if no specific fix is available.

> he has an agenda of wanting people to move to privsep, and is using
> this upcoming bug fix to force people to move to it. it seems.

Do you think he gives a shit[1] whether the wider world moves to
privsep or not?

> > I for one happen to like the idea of getting warned about
> > security holes... Don't you?
>
> yes, Theo /isn't/ doing this. (well, other than advance notice he's
> going to publish details next week, and tough luck if you're not
> running priv sep).

Saying a security hole exists isn't warning about it? Hmm. I
disagree.

> oh, i do so like to be condescended to.

Keep it up, & it'll happen a whole lot more.

Bye,

        - Aidan

-- 
I'm not a pheasant plucker / I'm a pheasant plucker's son.
I'm just a'plucking pheasants / 'Til the pheasant plucker comes.

[1] If there are any people reading this offended by that, I'm
sorry. Are there not enough American lists for you, though?

