OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
Subject: Re: [suse-security] Suggestion to the SuSE security people
From: Kurt Seifried (listuserseifried.org)
Date: Thu Oct 05 2000 - 00:06:53 CDT

> Hi,

[snipsnip]

> What I wanted to see (I know that will be absolutely irrelevant for
> most) was an "I" od "X" flag to announcements, preferred in the
> subject, indicating an vulnerabity to attacks from internal or external
> source. (I do not care about vulnerabities from internal users, either
> for the lock of them or their lack of knowledge)

Most advisories usually classify the threat (internal, external, needs an
account or not). This is actually something SecurityPortal is working on,
since we sell information/etc. I've tried to get people interested in this
(wrote an article on writing security advisories):

http://www.securityportal.com/closet/closet20000913.html

I'm not sure having it in the subject line of the email is needed, but it
definetely should be in the advisory somewhere near the top.

> mike

-Kurt

---------------------------------------------------------------------
To unsubscribe, e-mail: suse-security-unsubscribesuse.com
For additional commands, e-mail: suse-security-helpsuse.com