Hi Ed, > What about saying something like that, instead of just leaving it looking like a cop-out?
Finding the right level of detail is always difficult, especially in a knowledge base article. Not everyone is interested in several pages of explanations and historical excerpts that lead to the decision. Look at the security announcements from debian: http://www.debian.org/security/2008/dsa-1642 Tell me, what exactly was the problem? They don't say this, all they say is: "There was a problem. Here's a fix". Not a single word what attack was possible, how long the bug was in there, what they do to prevent the problem from happening ever again, why they introduced it into the product, nothing. How is that different from the KB article? > What about checking the string length, and using the more efficient algorithm when possible? That's missing the point I made. The system is designed to work with these fast strings. It's not a local change in the report writer. > But I do expect honesty What is not honest in the article? It's a design decision, that's what it is and that's what they say. They haven't explained the reasoning for the design decision. But then, after 25 years it could be that nobody can say exactly why the decision was made, at least not with the degree of affirmation necessary for publishing in an official document read by potentially hundred thousands of readers. I certainly don't know the reason for every single decision I made in programming the past 16 years. -- Christof _______________________________________________ Post Messages to: [email protected] Subscription Maintenance: http://leafe.com/mailman/listinfo/profox OT-free version of this list: http://leafe.com/mailman/listinfo/profoxtech Searchable Archive: http://leafe.com/archives/search/profox This message: http://leafe.com/archives/byMID/profox/[EMAIL PROTECTED] ** All postings, unless explicitly stated otherwise, are the opinions of the author, and do not constitute legal or medical advice. This statement is added to the messages for those lawyers who are too stupid to see the obvious.
