Date: Thu, 13 Jul 2000 15:45:43 -0500 From: Bob.Gorichanaz@midata.com To: security@FreeBSD.ORG Subject: Re: Two kinds of advisories? Message-ID: <OF521FFDE5.93AC3920-ON8625691B.0071C4F1@midata.com>
next in thread | raw e-mail | index | archive | help
How about changing the subject line to: "NOT-FREEBSD: Ports Security Advisory (saXX-YY-ZZZZ)" Of course, web-bots that scan for the words SECURITY, ADVISORY, and FREEBSD will still blindly pull this as a FreeBSD Security Advisory. And you'll probably STILL get calls from clients asking "Do I have this installed?" No amount of over-clarifying the subject line will guarantee 100% that everyone that reads it will understand that it does NOT apply to the FreeBSD Core Operating System. You can make a human READ, but you cannot make him COMPREHEND. -=bob=- Brett Glass <brett@lariat.org>@FreeBSD.ORG on 07/13/2000 03:32:58 PM Sent by: owner-freebsd-security@FreeBSD.ORG Sent From the mail file of: Bob Gorichanaz To: Wes Peters <wes@softweyr.com> cc: "David G. Andersen" <dga@POBOX.COM>, security@FreeBSD.ORG Subject: Re: Two kinds of advisories? At 02:23 PM 7/13/2000, Wes Peters wrote: >Why not just educate them to RTFMessage? They clearly say "FreeBSD ports", >all you need to do is educate them about what that means. Wes: As a fellow writer, I'm sure you understand that this isn't always enough. When a copy editor makes what s/he thinks is an immaterial change to a headline, the consequences can be nasty. (I've gotten intense flames about stories whose headlines were phrased in such a way that they could be misinterpreted, even when just reading the article would have cleared up any confusion.) It's a fact of life that people are in the throes of information overload. They skim headlines and don't have time to delve. For the sake of FreeBSD's reputation, it makes good sense to make the subject lines SUPER-unambiguous. I'm not the only one who has noticed that the current format has caused third-party bugs to be seen as security holes in FreeBSD. Let's make it so there's no chance of this misperception continuing. I really like Matt's idea of numbering Ports advisories as PORTS-<Whatever> to distinguish them from bugs in FreeBSD proper. --Brett To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?OF521FFDE5.93AC3920-ON8625691B.0071C4F1>