martin f krafft wrote:
That's a thing of your webhoster. But if I knew of e.g. a root
exploit in the HTTP part of a mission-critical server containing
secret data, i want to turn it off, or take additional security
precautions, like a firewall layer etc.
I don't mean to sound like an ass, but if you have a mission-critical
server or any server with secret data on it shouldn't a firewall already
be in place for it? I mean it is naive to expect all software to not
have security issues sometimes. Plus there is a good chance that
someone who wishes to get the information off of your server could have
learned about the exploit before it was reported to or by the debian
security team. I think pretty much that the debian security team exists
more for making applications secure not for keeping your system secure,
if that makes sense. Pretty much the security team is doing a different
job then you expect them to.
I dunno,
Tucker
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]