>>>>> "Jonathan" == Jonathan Vanasco <[EMAIL PROTECTED]> writes:
Jonathan> Randal didn't raise an report an new security threat -- he re- Jonathan> categorized an active bug discussion as a security threat. Just for the record, I'm now clear (thanks to new information) that I handled this poorly, and will handle it differently the next time. I apologize for any stress or grief, or even break-in, that may have resulted from my actions. Jonathan> People have commented "This isn't the proper way to report a Jonathan> security threat." Well, right now ModPerl doesn't have a published Jonathan> protocol for dealing with security threats. I *do* strongly support this statement though. Even after having been LARTed, googling for "security mod_perl" didn't reveal anything in the first ten hits that would be remotely useful here. This *can* be fixed for the future. (Nudge to the developers.) -- Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095 <merlyn@stonehenge.com> <URL:http://www.stonehenge.com/merlyn/> Perl/Unix/security consulting, Technical writing, Comedy, etc. etc. See PerlTraining.Stonehenge.com for onsite and open-enrollment Perl training!
