Re: Debian Investigation Report after Server Compromises

To: debian-user@lists.debian.org
Subject: Re: Debian Investigation Report after Server Compromises
From: Paul Morgan <paulswm@earthlink.net>
Date: Wed, 03 Dec 2003 06:56:00 -0500
Message-id: <[🔎] pan.2003.12.03.11.55.57.251296@earthlink.net>
References: <[🔎] FBB7FA61DBA2D5118D4F00065B046D6EC08B12@POLYMAIN2> <[🔎] pan.2003.12.02.23.17.25.389503@earthlink.net> <[🔎] 20031203070807.GM25739@ursine.ca>

On Tue, 02 Dec 2003 23:08:07 -0800, Paul Johnson wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> On Tue, Dec 02, 2003 at 06:17:44PM -0500, Paul Morgan wrote:
>> It would be a lot less stable and secure if debian started
>> publishing exploits.  The announcement explains quite clearly what
>> happened and how to protect your system.
> 
> Why does BugTraq do it?  Because it forces quick action.
> 
> Granted, this isn't a problem for a self-motivated project like
> Debian.  However, Debian is looked up to quite a bit in the software
> community, so shouldn't Debian be setting the example here?
> 

Paul, I think debian *is* setting the example by not further propagating
the exploit by publishing it.

-- 
....................paul


"I think that gay marriage is something that should be between a man and
a woman."

-- Arnold Schwarzenegger, Governor of California

Reply to:

References:
- RE: Debian Investigation Report after Server Compromises
  - From: Preston Boyington <PBoyington@polyengineering.com>
- RE: Debian Investigation Report after Server Compromises
  - From: Paul Morgan <paulswm@earthlink.net>
- Re: Debian Investigation Report after Server Compromises
  - From: Paul Johnson <baloo@ursine.ca>

Prev by Date: Re: My machine compromised?
Next by Date: Re: Debian Investigation Report after Server Compromises
Previous by thread: Re: Debian Investigation Report after Server Compromises
Next by thread: Re: Debian Investigation Report after Server Compromises
Index(es):
- Date
- Thread