Subject: Re: php and audit-packages
To: Joerg Sonnenberger <email@example.com>
From: D'Arcy J.M. Cain <darcy@NetBSD.org>
Date: 04/24/2007 08:40:55
On Tue, 24 Apr 2007 13:21:20 +0200
Joerg Sonnenberger <firstname.lastname@example.org> wrote:
> I'm opposing to remove entries because they can't be fixed. I also don't
> think an entry in the MESSAGE file raises the awareness well enough.
> Sadly enough, enough people are using open_basedir and trusting it...
I agree. What's the point of advising our users of security holes if
we only warn about the ones that can be fixed?
D'Arcy J.M. Cain <darcy@NetBSD.org>