Date: Mon, 3 Feb 1997 12:54:53 -0800 (PST) From: Stranger Bone <ben@narcissus.ml.org> To: Poul-Henning Kamp <phk@critter.dk.tfs.com> Cc: freebsd-security@FreeBSD.ORG Subject: Re: Critical Security Problem in 4.4BSD crt0 Message-ID: <Pine.BSF.3.91.970203124937.6759E-100000@narcissus.ml.org> In-Reply-To: <1097.854980430@critter.dk.tfs.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 3 Feb 1997, Poul-Henning Kamp wrote: <snip> > >Where do we disagree on this? > > In that many systems cannot "just upgrade" any and all times. I may > have more experience in the operational aspects of computers than > you have. > > What we need is manpower who are interested and dedicated in their > effort to >help< the users, rather than rip the carpet out under > them. This sysadmin agrees. I'd far prefer that security exploits be kept under people's hats as much as possible until a patch can be released; and I'd far rather wait a week or two for a patch than get an immediate patch and then randomly start seeing programs die on signal six or whatever. While I agree with Mr. Ptacek's ideals, I've noticed that his grand plan for immediate bug-fixes doesn't include a source of manpower. Talk, Mr. Ptacek, is cheap, as they say. All in all I am inclined to trust core on this sort of thing (even when they disagree with each other? hmm). They've been doing this for a *long* time, most of them, and they have a pretty good idea of what's practical and what's not. > -- > Poul-Henning Kamp | phk@FreeBSD.ORG FreeBSD Core-team. > http://www.freebsd.org/~phk | phk@login.dknet.dk Private mailbox. > whois: [PHK] | phk@tfs.com TRW Financial Systems, Inc. > Power and ignorance is a disgusting cocktail. > Ben The views expressed above are not those of the Worker's Compensation Board of Queensland, Australia.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.91.970203124937.6759E-100000>