Bugtraq mailing list archives
Re: UnixWare
From: rcm () bullwinkle us dell com (Ron McDowell)
Date: Wed, 27 Apr 1994 14:17:36 -0500 (CDT)
Michael Neuman wrote:
From spaf () cs purdue edu Wed Apr 27 11:52:25 1994If you are going to direct criticism, direct it where it belongs -- at vendors (and at customers who blindly buy the crap some vendors put out).I'd agree with you EXCEPT I wasn't suggesting CERT should "fix the bugs faster" as you imply. I'm complaining that they get a report of a hole, pass it on to the vendors, and that's it. As I said above, I'd much rather shut down some functionality on my system and wait for a patch then leave my systems wide open. This is not a criticism of CERT per se, but just the systems we have in place in general. If CERT doesn't want this task of sending out advisories that look like, "There's a problem in rdist, shut it down completely until a patch is available or else..." than someone else should.
And the added pressure on the vendors by making these things public
sooner might help to light a fire under them to get their code cleaned up,
which would be a big plus for all of us.
--
Ron McDowell - Dell Computer Corp., 512-728-3570 rcm () bullwinkle us dell com
"Hey Rocky, watch me pull a rabbit outta my hat!"
Current thread:
- HP's security stance (was Re: UnixWare), (continued)
- HP's security stance (was Re: UnixWare) Bennett Todd (Apr 28)
- Re: HP's security stance (was Re: UnixWare) Gene Spafford (Apr 28)
- Re: UnixWare Christopher Klaus (Apr 28)
- Re: UnixWare Gene Spafford (Apr 28)
- Re: UnixWare Perry E. Metzger (Apr 27)
- Re: UnixWare Bonfield James (Apr 28)
- Re: UnixWare Ron McDowell (Apr 27)
- Re: UnixWare Perry E. Metzger (Apr 27)
- Re: UnixWare Bennett Todd (Apr 27)
- Re: UnixWare Perry E. Metzger (Apr 28)
- Re: UnixWare (I think it's time to pick a new subject) Doug Hughes (Apr 28)
- Re: UnixWare Marc W. Mengel (Apr 29)
- Re: UnixWare Daniel R Ehrlich (Apr 28)
- Re: UnixWare Perry E. Metzger (Apr 28)