Chuq Von Rospach wrote on Wed, 9 Feb 2005 12:47:34 -0800: > Either way, something like this should have been left to the project > developers (i.e. barry) to disclose.
Correct. But it's out and it's not Ron to blame, so I don't see a reason for slapping Ron for posting it finally to the list. > putting it on THIS list before the formal patches are ready is a great > way to teach everyone who didn't come up with the attack what it is, > while mailman sites don't have a patch to solve it. Before, only a few > people knew about it (including, obviously, some blackhats). now, lots > of folks do. That makes life worse, not better, for lots of us. This is not meant as an offense, but this is nonsense. It's been released on full-disclosure. That's enough to inform everyone who's interested in harming others. Posting it here, doesn't add anything to that. Kai -- Kai Schätzl, Berlin, Germany Get your web at Conactive Internet Services: http://www.conactive.com IE-Center: http://ie5.de & http://msie.winware.org ------------------------------------------------------ Mailman-Users mailing list Mailman-Users@python.org http://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://www.python.org/cgi-bin/faqw-mm.py Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-users/archive%40jab.org
