next message in archive
no next message in thread
previous message in archive
previous message in thread
Index of Subjects
Index of Subjects For sites west of here that aren't ready for bed I've posted the information to the ftp site as: README-SECURITY-Jan7-99 cheers david potter On Fri, 8 Jan 1999, Randy E. Sommerfeld wrote: > David; > > While I do believe that information regarding security is > important, I don't believe this "let's keep it quiet" attitude will > necessarily help anything. It's generally accepted practice in the > security field to publically post all information about a particular > problem -- with a fix -- to the public list, so it can be fixed on the > most systems in the least amount of time. Furthermore, since you posted to > a list that is for Chebucto Suite developers only, there is very little > risk of a malicious subscriber using the information to crack systems. > Diligent system administrators should be "on the ball", at any rate. > > Popular security lists such as "Bugtraq" follow this ideology. > > At any rate, as a system administrator of a csuite system, I would > like to know the exact details of this security problem, along with a fix > -- or I will be forced to remove access to our system until such > information is released. > > -- Randy Sommerfeld > > Sea to Sky Communities Network, Admin | "The world before the fall, > http://sea-to-sky.net/~cyan | Delightful is the light of dawn, > finger/email: cyan@sea-to-sky.net | Noble is the heart of man." >
next message in archive
no next message in thread
previous message in archive
previous message in thread
Index of Subjects