Beefy Boxes and Bandwidth Generously Provided by pair Networks
Keep It Simple, Stupid

Comment on

( #3333=superdoc: print w/replies, xml ) Need Help??
I wish following BUGTRAQ was a 'damn good idea', but currently I don't see the point in doing so.
  1. BUGTRAQ is a moderated list.
  2. CERT, SANS and others coordinates all advisories with the authors of the missbehaving package and all big Linux distributions. And together they decide when to release the advisory.

From my point of view (sysadm) this s**cks.

Anyone remember an advisory about Wu-FTPD six months ago. IIRC Redhat published there advisory as soon as they had a fix, and the other distributors and CERT(?) accused Redhat of not following the rules regarding how advisories should be published.

I am not interested in the upgraded package, I want to know when someone find a exploitable security bug.
If there is a security bug in some vital piece of software, like apache or ssh, maybe the right thing to do is shut the service down. But since we want be telled that the bug exist until RedHat/Mdk/Caldera etc etc etc all have updated package, we have production system with exploitable holes.

Regarding the Perlmonks code: Doesn't the Perlmonks community hold all the best perl hackers on the planet?
If the code could not stand the audit from it's own community, then maybe it's time to throw old things out, do it all over again and do it right (Flame, flame :) )

In reply to Re: Re: Security matters: keep thy doors closed! by nacka
in thread Security matters: keep thy doors closed! by vladb

Use:  <p> text here (a paragraph) </p>
and:  <code> code here </code>
to format your post; it's "PerlMonks-approved HTML":

  • Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!
  • Titles consisting of a single word are discouraged, and in most cases are disallowed outright.
  • Read Where should I post X? if you're not absolutely sure you're posting in the right place.
  • Please read these before you post! —
  • Posts may use any of the Perl Monks Approved HTML tags:
    a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr
  • You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)
            For:     Use:
    & &amp;
    < &lt;
    > &gt;
    [ &#91;
    ] &#93;
  • Link using PerlMonks shortcuts! What shortcuts can I use for linking?
  • See Writeup Formatting Tips and other pages linked from there for more info.
  • Log In?

    What's my password?
    Create A New User
    and all is quiet...

    How do I use this? | Other CB clients
    Other Users?
    Others exploiting the Monastery: (2)
    As of 2018-04-24 16:44 GMT
    Find Nodes?
      Voting Booth?