Re: [POSSIBLE GRAVE SECURITY HOLD]
On Mon, 7 Feb 2000, Thierry Laronde wrote:
>
> The bug _is_ a potential security hole. And I was first amazed that saying
> that Debian can be improved could be a scandal. And I'm now tired and
> disgusted after reading insulting mails, written by people claiming they
> are the kings of security and knowledge, Almighty sysadmins, insulting
> explicitly or implicitly people because they are french...
It's not a security hole in the conventional sense. It's simply an
insecure default. There is a difference. Most people agree that a better
default or more documentation (in fact, definitely the latter) are in
order.
Just because those who think you're right can't be bothered to partake in
a fairly dull argument, don't think we don't exist. Although as I have
said to others, I think the tone of the bugtraq message was quite
unwarranted [1]
And as for Branden's insults, one just has to get used to them. His sense
of humour is on a different wavelength to most peoples ;-)
Jules
[1] It claimed no action had been taken over than wishlisting the bug.
Actually, as can be seen from the boot-floppies CVS log, action was taken
swiftly.
/----------------+-------------------------------+---------------------\
| Jelibean aka | jules@jellybean.co.uk | 6 Evelyn Rd |
| Jules aka | jules@debian.org | Richmond, Surrey |
| Julian Bean | jmlb2@hermes.cam.ac.uk | TW9 2TF *UK* |
+----------------+-------------------------------+---------------------+
| War doesn't demonstrate who's right... just who's left. |
| When privacy is outlawed... only the outlaws have privacy. |
\----------------------------------------------------------------------/
Reply to: