[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [POSSIBLE GRAVE SECURITY HOLD]

On Mon, Feb 07, 2000 at 04:16:34PM +0000, Jules Bean wrote:
> On Mon, 7 Feb 2000, Thierry Laronde wrote:
> > 
> > The bug _is_ a potential security hole. And I was first amazed that saying
> > that Debian can be improved could be a scandal. And I'm now tired and
> > disgusted after reading insulting mails, written by people claiming they
> > are the kings of security and knowledge, Almighty sysadmins, insulting 
> > explicitly or implicitly people because they are french...
> 
> It's not a security hole in the conventional sense.  It's simply an
> insecure default.  There is a difference.  Most people agree that a better
> default or more documentation (in fact, definitely the latter) are in
> order.
> 
> Just because those who think you're right can't be bothered to partake in
> a fairly dull argument, don't think we don't exist.  Although as I have
> said to others, I think the tone of the bugtraq message was quite
> unwarranted [1]

Don't worry : I was not generalizing. BTW, I quite agree with you about the
BTS : the first 3 messages were explaining the whole story, and were enough.

Thanks for your mail, however ;) I will now longer respond to provocations.

Best regards,
-- 
Thierry LARONDE <thierry.laronde@polynum.com>
website : http://www.polynum.com
/home du SDF (Site Debian Francophone) : http://www.polynum.com/debian/
Reply to: