|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Jonathan Kamens (jik
kamens.us)
Date: Fri Oct 15 2010 - 00:03:31 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On 10/14/2010 05:09 AM, Chris Evans wrote:
> In this instance, the most productive way forward might be to submit a
> patch. I'm sure the developers would be more receptive to an approach
> based on "here's a nice new feature" rather than an approach based on
> "pitchforks recruited from full-disclosure".
Quoting from Ryan's message that started this thread
<http://seclists.org/fulldisclosure/2010/Oct/86>:
There have been quite a few bug and features requests filed, and
they all get closed or rejected within a week or so. I also posted
something in the developer forum inquiring about this, and received
this response:
"I do not see any harm in storing credentials as long as the rest of
your system is properly secure as it should be."
It would appear that your certainty that "the developers would be more
receptive..." to a patch is misplaced.
jik
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
- application/pkcs7-signature attachment: S/MIME Cryptographic Signature
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]