[Mailman-Users] any info on this reported exploit?

Mon Jan 30 11:40:27 CET 2006

At 10:14 PM -0500 2006-01-29, Jim Popovitch wrote:

>  Well, I disagree with the current procedure, which based on past emails,
>  suggests that no one is kept informed about security concerns, and only
>  those that hear about one on their own can get a private response by
>  emailing mailman-security.

	I think our security record is much better than most other 
open-source projects, and I think that we have much more open and 
frank discussions between the principal developers and the 
wheels-meet-the-road admins, owners, and moderators than most other 
open-source projects.

	We don't deserve to be treated like this, especially not by the 
likes of you.

>>  But if you can't (or won't) follow the proper procedures, then I
>>  think it's perfectly reasonable to ask that you go somewhere else.
>
>  Thanks, I'll think more of you because you think I should go. <sigh>

	Frankly, I don't care what you think of me.  I care that you are 
willing and able to follow the specified procedures, and if you can't 
(or won't) do that then you don't belong here.

>  Perhaps I am not the stumbling block here.

	I think you're stumbling over your own feet.  Maybe you want to 
take them out of your mouth once in a while.

-- 
Brad Knowles, <brad at stop.mail-abuse.org>

"Those who would give up essential Liberty, to purchase a little
temporary Safety, deserve neither Liberty nor Safety."

     -- Benjamin Franklin (1706-1790), reply of the Pennsylvania
     Assembly to the Governor, November 11, 1755

  LOPSA member since December 2005.  See <http://www.lopsa.org/>.