RE: Debian Investigation Report after Server Compromises
On Tue, 02 Dec 2003 15:01:48 -0600, Preston Boyington wrote:
>
> I agree. I support and recommend Debian to my peers and clients on the
> basis that Debian is a stable and secure distribution. Therefore when
> something (such as this) happens I want to have full disclosure so I can
> confidently deploy Debian on our network.
>
> Preston
It would be a lot less stable and secure if debian started
publishing exploits. The announcement explains quite clearly what
happened and how to protect your system.
How would debian publishing the exploit code to the world make your system
more secure? What specifically would you do with it which you can't do
with the information you already have?
Please don't post HTML.
--
....................paul
"Reports that say that something hasn't happened are always interesting
to me, because as we know, there are known knowns; there are things we
know we know. We also know there are known unknowns; that is to say we
know there are some things we do not know. But there are also unknown
unknowns - the ones we don't know we don't know."
- Donald Rumsfeld, US Secretary of Defense, Winner of British Plain
English Campaign's 2003 "Foot in Mouth" award.
Reply to: