Daniel John Debrunner wrote:
The Apache Way includes:
- consistently high quality software
- security as a mandatory feature
What does "mandatory" mean? Clearly network server was released without
being secure and IMHO is still not secure, so does "mandatory" mean we
should have never released it? I have long worried about what a world
wide probe on port 1527 might glean. Incremental security fixes have
meant and will continue to mean incompatibilities. One user said to me,
it is not *if* something will break when we upgrade, it is *what* will
break when we upgrade. So, is Network Server release quality and
security according to the Apache Way and if not, what should we do
about it?
Kathey
