| 1 |
-----BEGIN PGP SIGNED MESSAGE----- |
| 2 |
Hash: SHA1 |
| 3 |
|
| 4 |
Ciaran McCreesh a écrit : |
| 5 |
> On Wed, 9 Jan 2008 20:06:00 +0100 |
| 6 |
> "Wulf C. Krueger" <philantrop@g.o> wrote: |
| 7 |
>> On Wednesday, 09. January 2008 19:45:38 Ciaran McCreesh wrote: |
| 8 |
>>>>> Then the one particular part of 3.5.5 that's affected gets fixed |
| 9 |
>>>>> and priority keyworded. |
| 10 |
>>>> So you suggest that mips keeps doing nothing and expect others to |
| 11 |
>>>> work *more* in exchange for that? |
| 12 |
>>> Well, most users will simply ignore or postpone the mass upgrade, |
| 13 |
>> So far so good. If users postpone it, that's entirely their |
| 14 |
>> responsibility. |
| 15 |
> |
| 16 |
> It's all very well to say that, but which do you care about? Covering |
| 17 |
> your ass and claiming that you have a secure distribution, or the |
| 18 |
> security of end user systems? |
| 19 |
> |
| 20 |
|
| 21 |
And what's the point in caring about the security of users systems, when |
| 22 |
some of them don't care themselves in the first place? Remember, Gentoo |
| 23 |
is all about choices. If users choose to skip security updates, it's up |
| 24 |
to them and there's nothing you can do to change it. When their boxes |
| 25 |
get rooted due to unpatched vulnerabilities, maybe they'll change their |
| 26 |
mind. Ok, I admit that a few dumbasses will claim that Gentoo sucks and |
| 27 |
switch to another distro instead, but hey, that's just the way it is. |
| 28 |
|
| 29 |
- -- |
| 30 |
Pierre-Yves Rofes |
| 31 |
Gentoo Linux Security Team |
| 32 |
-----BEGIN PGP SIGNATURE----- |
| 33 |
Version: GnuPG v1.4.7 (GNU/Linux) |
| 34 |
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org |
| 35 |
|
| 36 |
iD4DBQFHhSS/uhJ+ozIKI5gRAgJdAJjymZUrjZfg06W2TMohYZx3FSwsAJ9i4JD/ |
| 37 |
YZRXDJv/bZWzMXePfuP/Kg== |
| 38 |
=SFc9 |
| 39 |
-----END PGP SIGNATURE----- |
| 40 |
-- |
| 41 |
gentoo-dev@l.g.o mailing list |
Archives