Subject: Re: php and audit-packages
To: Joerg Sonnenberger <joerg@britannica.bec.de>
From: D'Arcy J.M. Cain <darcy@NetBSD.org>
List: tech-pkg
Date: 04/24/2007 08:40:55
On Tue, 24 Apr 2007 13:21:20 +0200
Joerg Sonnenberger <joerg@britannica.bec.de> wrote:
> I'm opposing to remove entries because they can't be fixed. I also don't
> think an entry in the MESSAGE file raises the awareness well enough.
> Sadly enough, enough people are using open_basedir and trusting it...

I agree.  What's the point of advising our users of security holes if
we only warn about the ones that can be fixed?

-- 
D'Arcy J.M. Cain <darcy@NetBSD.org>
http://www.NetBSD.org/