[prev in list] [next in list] [prev in thread] [next in thread]
List: kde-policies
Subject: Re: [kde-announce] KDE Security Advisory: Konqueror Referer
From: "Aaron J. Seigo" <aseigo () kde ! org>
Date: 2003-07-31 2:41:16
[Download RAW message or body]
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Wednesday 30 July 2003 08:14, Rob Kaper wrote:
> On Tue, Jul 29, 2003 at 07:56:16PM +0200, Dirk Mueller wrote:
> > > Why does it take 18 days to release a security update?
> >
> > It takes the time it needs to ship the fix.
>
> I would say that three business days should be enough for any
> self-respecting, commercial, professional distribution. I'm talking about
> the security fix here, no a complete KDE upgrade.
i'm unsure how to reply, as i'm not sure whether you are speaking from an
informed position re: security or whether you are simply speaking from a
theoretical standpoint. i say this because your argument sounds like that of
someone who has a theoretical unerstanding, rather than a practical one, of
the topic.
have you ever been directly involved with mandating and performing the
security processes of a substantial software project, or involved in
providing security services to such a project? if so, would you mind offering
an example?
please note that the above isn't meant as insult, anymore than you asking me
if i had ever skydived would be an insult if we were talking about safety
precautions involved in skydiving. =)
- --
Aaron J. Seigo
GPG Fingerprint: 8B8B 2209 0C6F 7C47 B1EA EE75 D6B7 2EB1 A7F1 DB43
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2-rc1-SuSE (GNU/Linux)
iD8DBQE/KIHN1rcusafx20MRApj8AJ0RFm1a71N97NXqHhIlK8bylLAJPQCfdFS/
dVyWVbioDTteIa/oXLxXdcE=
=FhcP
-----END PGP SIGNATURE-----
_______________________________________________
Kde-policies mailing list
Kde-policies@mail.kde.org
http://mail.kde.org/mailman/listinfo/kde-policies
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic