OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
Subject: Re: [suse-security] Suggestion to the SuSE security people
From: Geordon VanTassle (adminthecoventree.com)
Date: Thu Oct 05 2000 - 08:36:51 CDT

Thanks, Roman. Whoever complains that SuSE support isn't helpful can just
get stuffed, IMHO. :)

To comment on a couple of things that you said...

At 08:14 AM 10/5/00, Roman Drahtmueller wrote:
> >
> > Where can I sign up to be a beta-tester? >;)
> >
> > Please, PLEASE keep us (me, at least) up to date on this.
> >
> > Thanks,
> > Geordon
>
>1) It is planned for the future.

Is there any sort of estimated time-line for release, or is it too early
for that?

>2) The details are not set yet.
>3) There will not be a "beta" program - if that stuff doesn't work, we
> don't ship it. Period.

<sarcasm>
Why would you want to make sure that your products are working before they
get to the public? After all, isn't that what initial release is for, to
let the public find and fix the bugs, so that you don't have to pay developers?
</sarcasm>

Thank you! After the fiasco that I had when going from RedHat 5.2 to 6.0
and the upgrade breaking EVERYTHING on my system... That and the fact that
I like to know that things are going to work as designed in the FIRST place
are tremendous assets. I'll skip the "public beta" if the result is a
correctly functioning product at release time.

>4) Package signing is an intrinsic value of such a system.

Where can I get the appropriate key? Are you going to use PGP/GPG for
signing?

>5) Resource issues will have to be resolved before the system starts.

<humour>
Gee, it sounds like you folks are thinking ahead. Why would you do
that? It's an awful lot like good customer service!
</humour>

>6) Of course, this list will be the first to read about it.

Thank you, thank you, danke!

>7) The directory with symlinks to security updates is independent from
> some (semi-)automatic update mechanisms. This may not be valid the
> other way around.

I'm a little confused about this... However, I'm sure that all will become
clear as time goes on.

>7) These format string parsing bugs are giving us a hard time these
> days. We can concentrate on update facilities as soon as the most
> urgent problems are out of our way.

Shame on you! Focusing on the highest priority problems first! That's not
on the "approved list of ways to run a business" that Micro~1 put out... ;)

>Thanks,
>Roman.

I for one appreciate it. Thank YOU , Roman and the rest of the SuSE folks here!

---------------------------------------------------------------------
To unsubscribe, e-mail: suse-security-unsubscribesuse.com
For additional commands, e-mail: suse-security-helpsuse.com