|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Subject: Re: Distributing Patches in Email (was: RE: EZ Shopper 3.0 shopping cart CGI remote command execution)
From: der Mouse (mouse
RODENTS.MONTREAL.QC.CA)Date: Fri Mar 03 2000 - 18:45:22 CST
- Next message: Derek Callaway: "(fwd) Dump/restore 0.4b15 released"
- Previous message: David LeBlanc: "Re: Disk (over)quota in Windows 2000"
- Maybe in reply to: Scott Blake: "Distributing Patches in Email (was: RE: EZ Shopper 3.0 shopping cart CGI remote command execution)"
- Next in thread: Dirk Nimmich: "Re: Distributing Patches in Email"
- Maybe reply: der Mouse: "Re: Distributing Patches in Email (was: RE: EZ Shopper 3.0 shopping cart CGI remote command execution)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
> As someone who works for a vendor that does distribute product
> updates via email, I feel that I need to respond. An exception the
> rule Marc mentions should be non-executable, strongly signed updates.
Not good enough - it's too easy for someone to save an old update, then
much later, after bugs are known in it, forge mail from you including
the "update", thereby reintroducing known bugs into the customer's
system.
der Mouse
mouserodents.montreal.qc.ca
7D C8 61 52 5D E7 2D 39 4E F1 31 3E E8 B3 27 4B
- Next message: Derek Callaway: "(fwd) Dump/restore 0.4b15 released"
- Previous message: David LeBlanc: "Re: Disk (over)quota in Windows 2000"
- Maybe in reply to: Scott Blake: "Distributing Patches in Email (was: RE: EZ Shopper 3.0 shopping cart CGI remote command execution)"
- Next in thread: Dirk Nimmich: "Re: Distributing Patches in Email"
- Maybe reply: der Mouse: "Re: Distributing Patches in Email (was: RE: EZ Shopper 3.0 shopping cart CGI remote command execution)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]