On 29-Dec-98 18:35:30, Soffen, Matthew wrote something about "RE: Frivolous forking".
I just couldn't help replying to it, thus:
> But would you really want RedHat fixing qmail instead of DJB ?
I would definitely want RedHat to be in a position to release a fixed
version, even if the fix should turn out to be only a stop-gap measure. Once
a fixed version arrives from the author, I'd install that.
> If security holes were found (REAL security holes), DJB would be the 1st
> to want them fixed right, not a quick fix as an os vender/redhat would
> do.
I am not questioning DJB's intentions here - of course he would do his
best to fix a security hole, but what if he happens to be incapacitated (sp?)
at just the wrong time, e.g. runs out in front of a bus? Should RedHat then
just sit there, twiddling their thumbs, saying "Sorry, we have a fix ready,
but we're not allowed to give it to you" to their customers, while waiting
for Dan to recover?
One solution would be for Dan ro allow RedHat to make only modifications
that fix security holes. This means Dan would have to trust RedHat not to
abuse this right.
Regards,
/������������������������������T�����������������������������������������\
| Rask Ingemann Lambertsen | [EMAIL PROTECTED] |
| Registered Phase5 developer | WWW: http://www.gbar.dtu.dk/~c948374/ |
| A4000, 775 kkeys/s (RC5-64) | "ThrustMe" on XPilot and EFnet IRC |
| I'm as confused as a baby at a topless bar! |
