Date: Fri, 17 Jan 2003 18:49:40 -0800 From: Juli Mallett <jmallett@FreeBSD.org> To: Robert Watson <rwatson@FreeBSD.org> Cc: "Bruce A. Mah" <bmah@FreeBSD.org>, Alfred Perlstein <bright@mu.org>, Gregory Sutter <gsutter@zer0.org>, Nate Lawson <nate@root.org>, Martin Blapp <mb@imp.ch>, cvs-all@FreeBSD.org, cvs-committers@FreeBSD.org Subject: Re: cvs commit: src/usr.sbin/mountd mountd.c src/usr.sbin/rpc.lockd lockd.c src/usr.sbin/rpc.statd statd.c src/usr.sbin/rpc.yppasswdd yppasswdd_main.c src/usr.sbin/rpcbind rpcb_svc_com Message-ID: <20030117184940.A13960@FreeBSD.org> In-Reply-To: <Pine.NEB.3.96L.1030117201712.57637A-100000@fledge.watson.org>; from rwatson@FreeBSD.org on Fri, Jan 17, 2003 at 08:20:04PM -0500 References: <20030117155605.A4640@FreeBSD.org> <Pine.NEB.3.96L.1030117201712.57637A-100000@fledge.watson.org>
next in thread | previous in thread | raw e-mail | index | archive | help
* De: Robert Watson <rwatson@FreeBSD.org> [ Data: 2003-01-17 ] [ Subjecte: Re: cvs commit: src/usr.sbin/mountd mountd.c src/usr.sbin/rpc.lockd lockd.c src/usr.sbin/rpc.statd statd.c src/usr.sbin/rpc.yppasswdd yppasswdd_main.c src/usr.sbin/rpcbind rpcb_sv > > On Fri, 17 Jan 2003, Juli Mallett wrote: > > > We just need to know that there *is* a security-related aspect to what > > has been committed, and that we should await further info. > > You may feel that way, but you'd be wrong. We receive advance information > on vulnerabilities only under very specific conditions, and those > conditions frequently don't including telling Juli about unannounced > vulnerabilities in hundreds of thousands of machines. Handling of > security vulnerabilities is one of the more interesting sets of conflicts > open source systems have to deal with by nature. Let's not make it any > harder than it already is. Fair enough. I eventually realised it's impossible to have such a system in place. It just sounded like it might be helpful for inter-project communication at the time. My use of the word need there was in "in the context of this, no specifics should be exchanged, but a heads up is nice." Not as in I felt we actually had a need to know this sort of information. Idea discussion very seldom has to do with taking everyone's perspective into mind, that's what the discussion is for. Not for being right about everything right off the bat, and some of the replies seem to forget that. -- Juli Mallett <jmallett@FreeBSD.org> AIM: BSDFlata -- IRC: juli on EFnet. OpenDarwin, Mono, FreeBSD Developer. ircd-hybrid Developer, EFnet addict. FreeBSD on MIPS-Anything on FreeBSD. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030117184940.A13960>