non-disclosure of infrastructure problem a management issue?
Rahul Sundaram
sundaram at fedoraproject.org
Sat Aug 23 01:54:58 UTC 2008
Björn Persson wrote:
> Rahul Sundaram wrote:
>
>> https://www.redhat.com/archives/fedora-advisory-board/2008-August/msg00088.
>> html
>
> "Interfering with an investigation"? Bullshit!
You seemed to have missed out the details in front
"If you've ever been involved in a security investigation, you already
know that facts emerge over time. With every disclosure there's a risk
of getting those facts wrong, or having to issue retractions.
Disclosure at an inappropriate time gives people the mistaken impression
one is not being truthful, when that's not the case.
The disclosures we've made up to and including this point have been
factual, in the interest of protecting the security of our millions of
users, and in the further interest of allowing proper investigation and
analysis of an ongoing matter.
As I stated in the announcement, I'll continue to provide information as
it becomes available."
Rahul
More information about the fedora-list
mailing list