Re: Distributing Patches in Email (was: RE: EZ Shopper 3.0

From: der Mouse (mouseat_private)
Date: Fri Mar 03 2000 - 16:45:22 PST

Next message: Ronald Huizer: "Re: [ Hackerslab bug_paper ] Linux dump buffer overflow"

Previous message: David LeBlanc: "Re: Disk (over)quota in Windows 2000"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> As someone who works for a vendor that does distribute product
> updates via email, I feel that I need to respond.  An exception the
> rule Marc mentions should be non-executable, strongly signed updates.

Not good enough - it's too easy for someone to save an old update, then
much later, after bugs are known in it, forge mail from you including
the "update", thereby reintroducing known bugs into the customer's
system.

					der Mouse

			       mouseat_private
		     7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B

Next message: Ronald Huizer: "Re: [ Hackerslab bug_paper ] Linux dump buffer overflow"
Previous message: David LeBlanc: "Re: Disk (over)quota in Windows 2000"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:38:54 PDT