Path: utzoo!attcan!uunet!tut.cis.ohio-state.edu!ucbvax!CC3.CC.UMR.EDU!obrennan
From: obrennan@CC3.CC.UMR.EDU (obrennan)
Newsgroups: comp.sys.apollo
Subject: security problems
Message-ID: <9006291314.AA00280@cc2.cc.umr.edu>
Date: 29 Jun 90 13:14:41 GMT
Sender: daemon@ucbvax.BERKELEY.EDU
Organization: The Internet
Lines: 29


	Date: Thu, 28 Jun 90 13:11:44 PDT
	From: root@vlsi-mentor.jpl.nasa.gov (The vlsi-mentor Super User)
	Message-Id: <9006282011.AA28396@vlsi-mentor.jpl.nasa.gov>
	To: apollo%umix.cc.umich.edu%jpl-mil@umix.cc.umich.edu
	Subject: RE: security problems
	
	BTW, I believe security holes should be broadcast over the net.
	This way, they *will* get fixed, and security based upon hidden
	information is not secure. 
	
	----
	Dave Hayes  dave@vlsi-mentor.jpl.nasa.gov   
           dave%vlsi-mentor@jpl-mil.jpl.nasa.gov
	"The word 'choice' is a fraud when one is taught what to choose."
	
I'm not denying that a security hole should be broadcast but broadcasting the
Apollo hotline problem number instead of the actual problem on this list would 
be more secure; then only approved hotline users can query the details.
	


Gerry O'Brennan
Computing Services
University of Missouri - Rolla
------------------------------
obrennan@apollo.cc.umr.edu
c0022@umrvmb.umr.edu          
------------------------------