[prev in list] [next in list] [prev in thread] [next in thread]
List: kde-devel
Subject: Re: Security flaw in klock
From: Alex Zepeda <garbanzo () hooked ! net>
Date: 1999-06-24 8:19:13
[Download RAW message or body]
On Wed, 23 Jun 1999, Maurizio Paolini wrote:
> Hello,
> this is my first post to this list, so please forgive me if this
> is off topic or badly formulated.
First post or not, this post is *completely* inappropiate. Until I
stumbled over an ill-mannered RedHat employee, nothing had been sent
towards by you to anyone KDE related. Please before you post something
that may or may not be a bug, check with the author, or some KDE related
person (when in doubt, coolo@kde.org or the KDE bug tracking system are
safe bets).
Secondly, and in my opinion, more annoying (for lack of a better non four
letter word), in talking to this nameless RH employee over IRC, I learned
that he had come up with an exploit and sent it off to BugTraq (as of yet,
I haven't received anything of this nature from BT). This was completely
unprofessional (should I expect more from RH? I doubt it).
In the future I'd like to request that if someone (especially someone
acting on behalf of a corporate entity) finds an exploit, that they would
kindly make a good faith effort to contact the maintainer of the program
(or in the case of KDE or Gnome) someone affiliated with the project.
Merely firing off a warning email and being too impatient to wait for a
reply (24 hours is far from unreasonable) is in extremely poor taste.
P.S. I truely hope that this employee will come up with the promised bug
fix.
- alex
I thought felt your touch
In my car, on my clutch
But I guess it's just someone who felt a lot like I remember you.
- Translator
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic