[NBLUG/talk] reporting a bug in a major distro
Jeremy Turner
jeremy at linuxwebguy.com
Sat Aug 23 22:16:01 PDT 2003
On Sat, 2003-08-23 at 22:03, error wrote:
> I am more looking for what you would do.
>
> Would you report it to that email?
> Would you take it to full disclosure or bugtraq and cc them?
>
> Would you package a set of tools to exploit it? ;-p
Post it to slashdot ;)
<p class="Free-Software-Soapbox">
No, really, I think it's really the whole idea of open source/free
software for a white hat to report a potential exploit to the Right
People (tm). Being able to view the code means that you should report
any bugs or exploits. You also have the ability to check things out
under the hood and even contribute back to the community. But the open
source/free software community suffers if there are security holes left
that go unreported. Not to mention, security holes contribute to the
evil Microsoft FUD.
</p>
Jeremy
--
Jeremy Turner <jeremy at linuxwebguy.com>
The LinuxWebGuy
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://nblug.org/pipermail/talk/attachments/20030823/38150627/attachment.pgp
More information about the talk
mailing list