
Re: Mozilla security problems in stable
On Friday 01 November 2002 13:44, Wouter Verhelst wrote to 
debian-private@lists.debian.org:
> On Thu, Oct 31, 2002 at 10:27:40PM +0100, Yven Leist wrote:
> > I could not think of anyone who would not benefit from mozilla 1.0.1
> > getting into stable. I'm sure the chance that our users are hit by one of 
> > these 130 stability and dataloss bugs is far greater than the chance that 
> > they are hit by some currently undiscovered bug, introduced with the
> > changes between 1.0.0 and 1.0.1. 
> >
> > The most important thing to keep in mind here IMHO, is that mozilla is
> > not in any way mission-critical, therefore I'd even regard it as some
> > sort of no-brainer as far as woody is concerned.
>
> How the hell can you know that?
>
> Consider a situation where someone working on an intranet-site tries to
> break into the servers by breaking someone's root password through a
> webpage.
>
> Consider a webkiosk, the owner of which does not want to reinstall his
> system every week or so.

He has to do that anyway, due to the fact that at least the security fixes 
will be backported, so I do not really see the point here. 

> Consider a single server where people log in to using X terminals (yeah,
> such a setup still exists) and where the admin likely wants to have
> local applications to be as bug-free (security-wise, that is) as
> possible.

Sure. But the thing is that if I were the admin of that server, I'd put 
greater trust in the mozilla developers not introducing any new security bugs 
while fixing the old ones, than in the Debian developers really getting all 
these security fixes properly backported, simply because mozilla is such a 
huge project and naturally the mozilla developers know their code better than 
anyone else. And for me that does _not_ translate into "I always blindly 
trust upstream" or "the security team is superfluous because they can't get 
backports right"...

> > (Please note, that I'd not say the same thing about _really_ critical
> > parts of the system, I'm absolutely aware of the dangers involved there,
>
> Sure. Still, there's no reason to divide between 'mission-critical'
> stuff and stuff that isn't. In a situation where central authentication
> is set up using LDAP, the Kerberos packages on J. Random R&D-hacker's
> personal system are not mission critical, while the LDAP-server sure is.
>
> Whether or not something is 'mission-critical' depends on the 'mission'
> it needs to serve. And that is something that Debian cannot even try to
> define; therefore, all packages need to go by the same standards.

Well, I think Debian really should try to define this, simply by applying 
common sense: a data corruption bug in the gimp is not as bad as one in 
e2fsprogs...

Cheers,
Yven

-- 

Yven Johannes Leist - leist@beldesign.de
http://www.leist.beldesign.de
