oss-sec mailing list archives

Re: Closed list

From: Solar Designer <solar () openwall com>
Date: Tue, 5 Apr 2011 16:30:37 +0400

On Tue, Apr 05, 2011 at 07:19:08AM -0400, Josh Bressers wrote:

Not adding Apple to any coordination list would be plain silly. They were
far more active than most of the distributions.


Yes.  But why do they need to be aware, say, of glibc vulnerabilities
(ones that are in fact believed to be glibc-specific)?

I'm starting to worry we've created rules for the sake of rules, which
almost never has a net positive outcome.


What do you propose?  Go back to a vendor-sec style list, open to
anyone who is approved by other list members, and accept the accusations
of being subjective in who we subscribe?  I can set one up alongside the
Linux distros list... then let the senders decide which list they want.

Alexander

Current thread:

Re: Closed list, (continued)
- - Re: Closed list Eugene Teo (Apr 04)
    - Vouching system (was Re: [oss-security] Closed list) Eugene Teo (Apr 05)
    - Re: Vouching system (was Re: [oss-security] Closed list) Solar Designer (Apr 05)
  - Re: Closed list Solar Designer (Apr 04)
- Re: Closed list Jeffrey Czerniak (Apr 04)
  - Re: Closed list klondike (Apr 04)
    - Re: Closed list Solar Designer (Apr 04)
  - Re: Closed list Solar Designer (Apr 04)
    - Re: Closed list Jeffrey Czerniak (Apr 04)
    - Re: Closed list Josh Bressers (Apr 05)
    - Re: Closed list Solar Designer (Apr 05)
    - Re: Closed list Josh Bressers (Apr 05)
    - Re: Closed list Vincent Danen (Apr 05)
    - Re: Closed list Andrea Barisani (Apr 05)
    - Re: Closed list Vincent Danen (Apr 05)
    - Re: Closed list Solar Designer (Apr 05)
    - Re: Closed list Vincent Danen (Apr 05)
    - Re: Closed list Jeremy Stanley (Apr 06)
    - Re: Closed list Mike O'Connor (Apr 05)
    - Re: Closed list Drew Yao (Apr 20)
    - Re: Closed list Solar Designer (Apr 24)

(Thread continues...)