On Sat Sep 01, 2001 at 10:05:18AM +0400, Andrej Borsenkow wrote:
> >>If the user is trained to visit Mdk's homepage for security notes, then all
> >>relevant information could be given there.
> >>
> >
> > So how do we train them? I'd like to think I spend the time writing
> > advisories and posting them on MandrakeForum and the updates pages as well as
> > security-announce is for a good reason, but if people are missing out
> > on these tools that have existed for a long time, then I'm at a loss
> > as to how to educate them.
> >
> > Suggestions are welcome.
> >
>
> In old 7.2 times MandrakeUpdate program showed you security advisory
> text (i.e. when you selected update you got the same text as on Web site
> or in security advisory). At least rpmdrake from 8.0 does not do it
> anymore (correct me if I am mistaken). You get just normal description
> from rpm -qi.
Yes, I consider this a bug in current rpmdrake. The descriptions for
security updates is very important and I know David was planning to
implement this again, but I'm not sure as to when. I hope this can
get back into 8.1 as it's a (IMNSHO) necessary feature.
> rpmdrake must show security advisory text for security updates. I would
> even go so far as to say, it should not allow installation unless user
> acknowledged that (s)he has read the text.
I agree completely.
--
[EMAIL PROTECTED], OpenPGP key available on www.keyserver.net
1024D/FE6F2AFD 88D8 0D23 8D4B 3407 5BD7 66F9 2043 D0E5 FE6F 2AFD
- Danen Consulting Services www.danen.net, www.freezer-burn.org
- MandrakeSoft, Inc. Security www.linux-mandrake.com
Current Linux kernel 2.4.7-12.3mdk uptime: 1 day 9 hours 31 minutes.
PGP signature
