Re: PING: Igor S. , regarding Kerberos v4. - BSD

This is a discussion on Re: PING: Igor S. , regarding Kerberos v4. - BSD ; George Orwell wrote: > I don't use a local MTA , and don't have a particularly > reliable email-provider at present , but I did send the > following pseudo-anonymous email to bugs@openbsd.org : [...] > Thank-you and Best Regards ...

+ Reply to Thread
Results 1 to 2 of 2

Thread: Re: PING: Igor S. , regarding Kerberos v4.

  1. Re: PING: Igor S. , regarding Kerberos v4.

    George Orwell wrote:
    > I don't use a local MTA , and don't have a particularly
    > reliable email-provider at present , but I did send the
    > following pseudo-anonymous email to bugs@openbsd.org:

    [...]
    > Thank-you and Best Regards , An Odd User."


    Igor Sobrado wrote:

    >Hi George.


    >That is not a bug report at all. Please, read the next reference
    >before submitting a bug report: http://www.openbsd.org/report.html


    >The problem description is wrong too. All information required to
    >open a good bug report on this issue is provided in the thread;
    >I certainly do not know why you are not using that information
    >to fill the bug report.


    >Cheers,
    >Igor.






    It seemed sufficient to me Igor , all the project should need is a
    "heads up" that some issues are outstanding. Obsolete configuration
    files and references to archaic software should have been removed before
    newer versions were added IMO , it seems unusually sloppy , and it seems
    like an issue that users should not have to submit Problem Reports to have
    resolved.


    It would be nice if there were an SSL-enabled website somewhere that
    OpenBSD users could submit problems to , but I know of none.
    I see no reason why users cannot be provided with a secure and pseudo-anonymous
    way to alert the project about possible problems. If I should find some serious
    flaw in software I currently use , I certainly do not wish to be leaving email or
    Web audit-trails all across the Internet giving directions to the location of my
    affected system.


    At present it would seem that any more serious Problem Reports are going to be
    bouncing around the Internet for who knows how long before anyone can even
    consider corrective actions or patches. I wouldn't think it would be a good idea
    to give lead-time to those predisposed to exploiting system weaknesses.


    Feel free by all means to submit a report or reports of your own. I personally
    don't wish to spend huge amounts of my time trying to track down every single
    obsolete Kerberos v4 configuration file or reference. Someone in the project
    must use (or have used) these things and are in a far better position than myself
    to correct or delete them. I merely wished to bring the issue to their attention.


    Regards , An Odd User.


  2. Re: PING: Igor S. , regarding Kerberos v4.

    Nomen Nescio wrote:
    > George Orwell wrote:
    >> I don't use a local MTA , and don't have a particularly
    >> reliable email-provider at present , but I did send the
    >> following pseudo-anonymous email to bugs@openbsd.org:

    > [...]
    >> Thank-you and Best Regards , An Odd User."

    >
    > Igor Sobrado wrote:
    >
    >> Hi George.

    >
    >> That is not a bug report at all. Please, read the next reference
    >> before submitting a bug report: http://www.openbsd.org/report.html

    >
    >> The problem description is wrong too. All information required to
    >> open a good bug report on this issue is provided in the thread;
    >> I certainly do not know why you are not using that information
    >> to fill the bug report.

    >
    > It seemed sufficient to me Igor , all the project should need is a
    > "heads up" that some issues are outstanding. Obsolete configuration
    > files and references to archaic software should have been removed before
    > newer versions were added IMO , it seems unusually sloppy , and it seems
    > like an issue that users should not have to submit Problem Reports to have
    > resolved.
    >
    > It would be nice if there were an SSL-enabled website somewhere that
    > OpenBSD users could submit problems to , but I know of none.
    > I see no reason why users cannot be provided with a secure and pseudo-anonymous
    > way to alert the project about possible problems. If I should find some serious
    > flaw in software I currently use , I certainly do not wish to be leaving email or
    > Web audit-trails all across the Internet giving directions to the location of my
    > affected system.
    >

    So, instead you post them to USENET?

+ Reply to Thread