Re: Pro Disclosure (was Re: UnixWare)

Steve Simmons (scs@lokkur.dexter.mi.us)
Sat, 30 Apr 1994 17:57:33 -0400 (EDT)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Steven C. Blair: "Re: Pro Disclosure (was Re: UnixWare)"
Previous message: Pat Myrto: "Re: Pro Disclosure (was Re: UnixWare)"
In reply to: Bennett Todd: "Re: Pro Disclosure (was Re: UnixWare)"
Next in thread: Oliver Friedrichs: "Re: Pro Disclosure (was Re: UnixWare)"

> . . . I'm optimistic that the typical time between bug discovery
>and widespread bug fixing may drop from years to months. Maybe even,
>with work, to weeks. Once lots of people are exploiting the bug, I
>think keeping it out of system administrators' hands changes from
>well-intentioned foolishness to seriously irresponsible, destructive
>behavior.
>
>This, as best I recall, is why the bugtraq list was started.

Right.  And Pauls point was that having CERT is better than not having
CERT.  It fills a function, but not the function that bugtraq fills.

Bashing CERT isn't part of bugtraqs function.  Maybe we need to require
all postings to report an open hole.  :-)

ObBugReport: NIS.

Next message: Steven C. Blair: "Re: Pro Disclosure (was Re: UnixWare)"
Previous message: Pat Myrto: "Re: Pro Disclosure (was Re: UnixWare)"
In reply to: Bennett Todd: "Re: Pro Disclosure (was Re: UnixWare)"
Next in thread: Oliver Friedrichs: "Re: Pro Disclosure (was Re: UnixWare)"