posting bug-tickling source was a Good Thing
Chip Salzenberg
chip at tct.uucp
Wed Feb 20 08:57:46 AEST 1991
According to pdg at chinet.chi.il.us (Paul Guthrie):
>Posting the source code and binary was very irresponsible. Some of
>us were working through ISC's support channels to get this fixed
>(and had been promised results).
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
And you *believed* them? Foolish earthling!
ISC and Everex have been sitting on this bug for *years*. That's
right, *years*. And you call the *whistle-blower* irresponsible?!
Posting the source code was a last, desperate attempt to provoke
action. Fortunately, it seems to have worked. Considering the
ramifications of the bug, posting source was entirely appropriate.
Remember:
"It's not a security hole, it's a SECURITY ABYSS."
-- Christoph Splittgerber
--
Chip Salzenberg at Teltronics/TCT <chip at tct.uucp>, <uunet!pdn!tct!chip>
"I want to mention that my opinions whether real or not are MY opinions."
-- the inevitable William "Billy" Steinmetz
More information about the Comp.unix.sysv386
mailing list