Re: DSA 438 - bad server time, bad kernel version or information delayed?
On Thu, Feb 19, 2004 at 09:12:42PM -0700, s. keeling wrote:
> Incoming from Matt Zimmerman:
> > On Thu, Feb 19, 2004 at 02:24:42PM +0100, Florian Weimer wrote:
> >
> > > You don't. Tough luck, of course, but that's the price for running
> > > affordable, off-the-shelf software (free or proprietary).
> >
> > You seem to imply that one is better off with a proprietary software vendor.
>
> I think you mis-read him Matt. Note the "free or proprietary."
>
> He's saying you can go with commercial software, and fixes may take
> months. Or go with Open Source, and fixes may take (eg.) weeks. In
> either case, you will have to wait.
Note the "affordable, off-the-shelf". The implication being that if you pay
more to a proprietary software vendor (and they typically are more
expensive), then you'll be better off security-wise.
--
- mdz
Reply to: