Re: on potato's proftpd

To: debian developers <debian-devel@lists.debian.org>, debian security <debian-security@lists.debian.org>
Subject: Re: on potato's proftpd
From: Andrew Pimlott <andrew@pimlott.net>
Date: Wed, 3 Apr 2002 10:54:25 -0500
Message-id: <[🔎] 20020403155425.GI15303@pimlott.net>
Mail-followup-to: debian developers <debian-devel@lists.debian.org>, debian security <debian-security@lists.debian.org>
In-reply-to: <[🔎] 20020403012239.GB22638@fishbowl.madduck.net>
References: <20020330074519.GA10263@zebra.icicle.dhs.org> <20020330110902.GA2772@fishbowl.madduck.net> <20020331140241.GR23034@wiggy.net> <20020331155335.GA31573@fishbowl.madduck.net> <20020331180924.GU23034@wiggy.net> <[🔎] 20020402102744.GA26747@fishbowl.madduck.net> <[🔎] 20020402105001.GM23034@wiggy.net> <[🔎] 20020402164104.GA19756@fishbowl.madduck.net> <20020402204056.GB3973@sven.home.hoaxter.de> <[🔎] 20020403012239.GB22638@fishbowl.madduck.net>

On Wed, Apr 03, 2002 at 03:22:39AM +0200, martin f krafft wrote:
> but give me at least one argument why these acts cannot combine with
> a *temporary* fix uploaded to the so-called "security archives".

There are several good reasons:

  - If a band-aid fix is allowed, there is less incentive to find
    the correct fix.

  - If the problem isn't understood, there is a good chance that the
    band-aid doesn't really fix the problem, and a fair chance that
    it creates new problems.  If there are related problems (eg,
    similar bugs in different programs), they may go undiscovered.

  - Users would have to upgrade again when the permanent fix is
    released.  People running production systems like to minimize
    changes, so this could make them unhappy.

I think Wichert's position

Andrew


-- 
To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to:

Follow-Ups:
- Re: on potato's proftpd
  - From: Andrew Pimlott <andrew@pimlott.net>
- Re: on potato's proftpd
  - From: martin f krafft <madduck@madduck.net>

References:
- Re: on potato's proftpd
  - From: martin f krafft <madduck@madduck.net>
- Re: on potato's proftpd
  - From: Wichert Akkerman <wichert@wiggy.net>
- Re: on potato's proftpd
  - From: martin f krafft <madduck@madduck.net>
- Re: on potato's proftpd
  - From: martin f krafft <madduck@madduck.net>

Prev by Date: Re: on potato's proftpd
Next by Date: Re: on potato's proftpd
Previous by thread: Re: on potato's proftpd
Next by thread: Re: on potato's proftpd
Index(es):
- Date
- Thread