Date: Mon, 20 Jul 1998 12:27:55 -0600 From: Brett Glass <brett@lariat.org> To: "Christopher G. Petrilli" <petrilli@dworkin.amber.org> Cc: "Gentry A. Bieker" <gbieker@crown.NET>, security@FreeBSD.ORG Subject: Re: Why is there no info on the QPOPPER hack? Message-ID: <199807201828.MAA21514@lariat.lariat.org> In-Reply-To: <Pine.BSF.3.96.980720141205.4600E-100000@dworkin.amber.org> References: <199807201809.MAA21160@lariat.lariat.org>
next in thread | previous in thread | raw e-mail | index | archive | help
I'd go further. I'd be willing to allow an INSTANT automatic upgrade if the FreeBSD Security Manager sent a message, digitally signed with a nice, long key, saying that a serious exploit might be imminent. It'd be worth the risk. In the case of the QPopper hole, it would have been the Right Thing. The feature would, of course, be optional. Not everyone would turn it on, but *I* would. --Brett GLass At 02:13 PM 7/20/98 -0400, Christopher G. Petrilli wrote: >On Mon, 20 Jul 1998, Brett Glass wrote: > >> It might save your butt. >> >> But who said anything about "randomly?" The aforementioned Windows apps >> do let you upgrade when you want to, and let you roll back. > >I think that the idea of "notification" of a new update is wonderful, >however, installation should not be in anyt way "automatic", even if you >say "sure upgrade my machine while I cross my fingers and hope that >nothing 'unusual' happens." This however, is trvially accomplished >through either a modification to the package mechanism (providing an >extra utility), or simply having email lists. > >Chris > > >> At 01:52 PM 7/20/98 -0400, Christopher G. Petrilli wrote: >> >> >On Mon, 20 Jul 1998, Brett Glass wrote: >> > >> >> At 11:28 AM 7/20/98 -0500, you wrote: >> >> >> >> >You don't expect all of your software to automaticly upgrade for you, >> do you? >> >> >> >> That's a darn good idea. Several Windows apps do this already. Why not >> >> the FreeBSD ports? >> > >> >Oh yes, I definately want my applications randomly upgrading themselves >> >... this will fix all my security holes :-) >> > >> >Chris >> >-- >> >| Christopher Petrilli >> >| petrilli@amber.org >> > >> > >-- >| Christopher Petrilli >| petrilli@amber.org > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199807201828.MAA21514>