Re: [d-security] Re: [SECURITY] [DSA 532-1] New libapache-mod-ssl packages fix multiple vulnerabilities

To: "Bernhard R. Link" <brl@pcpool00.mathematik.uni-freiburg.de>
Cc: debian-security@lists.debian.org
Subject: Re: [d-security] Re: [SECURITY] [DSA 532-1] New libapache-mod-ssl packages fix multiple vulnerabilities
From: elijah wright <elw@stderr.org>
Date: Wed, 28 Jul 2004 08:10:14 -0500 (CDT)
Message-id: <[🔎] Pine.LNX.4.58.0407280808330.1236@illuminati.stderr.org>
In-reply-to: <[🔎] 20040728080248.GA26244@pcpool00.mathematik.uni-freiburg.de>
References: <20040723032933.GZ4126@alcor.net> <[🔎] 410635F6.8080108@rhesa.com> <[🔎] 20040727114219.GF13168@westend.com> <[🔎] 41067CA1.9050505@rhesa.com> <[🔎] Pine.LNX.4.58.0407271225000.26002@illuminati.stderr.org> <[🔎] 20040728080248.GA26244@pcpool00.mathematik.uni-freiburg.de>

> * elijah wright <elw@stderr.org> [040727 19:40]:
> > and it probably would have been fine, if you'd been running a stock
> > config.
>
> If things only have to be fine when using a stock config, why not
> abolish all those limiting rules about /etc and just disallow the use to
> cope with it directly and keep it under total control of the packaging
> system and some configuration managment like some YaST ported to Debian?

i guess you must have missed the part about it being a non-package version
of apache being broken by debian's package system touching its config
files...

> > with great power comes great responsibility (for your customized
> > servers
> >
> > in general i don't like the thought of funky hacks being added to
> > packages just to avoid stomping all over someone else's custom setup.
>
> Hallo? This is Debian. Changing a configuration file is proper and
> intended use of the system. Making such things break is the worst thing
> after remote root exploits and deleting arbitrary data in my eyes. And I
> think in many other people's eyes, who choose Debian.

a red herring.  blaming the package system for breaking someone's
not-controlled-by-thepackage-system tweaks is stupid.

elijah

Reply to:

References:
- Re: [SECURITY] [DSA 532-1] New libapache-mod-ssl packages fix multiple vulnerabilities
  - From: Rhesa Rozendaal <rhesa@rhesa.com>
- Re: [d-security] Re: [SECURITY] [DSA 532-1] New libapache-mod-ssl packages fix multiple vulnerabilities
  - From: Christian Hammers <ch@lathspell.de>
- Re: [d-security] Re: [SECURITY] [DSA 532-1] New libapache-mod-ssl packages fix multiple vulnerabilities
  - From: Rhesa Rozendaal <rhesa@rhesa.com>
- Re: [d-security] Re: [SECURITY] [DSA 532-1] New libapache-mod-ssl packages fix multiple vulnerabilities
  - From: elijah wright <elw@stderr.org>
- Re: [d-security] Re: [SECURITY] [DSA 532-1] New libapache-mod-ssl packages fix multiple vulnerabilities
  - From: "Bernhard R. Link" <brl@pcpool00.mathematik.uni-freiburg.de>

Prev by Date: Re: init scripts and su
Next by Date: coreutils/fileutils : 'dir' integer overflow vulnerability on woody
Previous by thread: Re: [d-security] Re: [SECURITY] [DSA 532-1] New libapache-mod-ssl packages fix multiple vulnerabilities
Next by thread: Re: [SECURITY] [DSA 532-1] New libapache-mod-ssl packages fix multiple vulnerabilities
Index(es):
- Date
- Thread