kstuff 0.18 (part 1/6)
kyle at UUNET.UU.NET
kyle at UUNET.UU.NET
Tue May 14 03:16:19 AEST 1991
Dan Bernstein writes:
> To the net, then: What Bill is referring to is a message I sent him last
> week. He posted something about how without full details of the tty
> security holes there's no way people can fix the problem. Now I've been
> reacting rather strongly to such statements---I *have* posted a complete
> fix, and as my last message should make clear, people do not need break
> code to understand why the fixes work. If there weren't a published fix
> then people would have a perfect right to complain. But this time there
> *is*, and I think people should take a step back and review what's
> actually happened here before they shout further religious stupidities.
You did indeed post a fix. But without the details, it's very
hard for admins to come up with alternate solutions that don't
impact their base of users and programs as much. It's hard to
close a hole if you don't know what it is. Your proposed fixes
might be complete and correct, but still not be the best for a
particular installation.
Don't take this as another flame, it's not. I'm just pointing
out that reality often demands more than one solution to a
problem.
More information about the Comp.unix.wizards
mailing list