db-derby-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Kathey Marsden <kmarsdende...@sbcglobal.net>
Subject Re: 10.3 - to release or not to release?
Date Mon, 09 Jul 2007 22:41:18 GMT
Daniel John Debrunner wrote:
> The Apache Way includes:
>
>   - consistently high quality software
>   - security as a mandatory feature
>
What does "mandatory" mean?  Clearly network server was released without 
being secure and IMHO is still not secure, so does "mandatory" mean we 
should have never released it?  I have long worried about what a world 
wide probe on port 1527 might glean.  Incremental security fixes have 
meant and will continue to mean incompatibilities.  One user said to me, 
it is not *if* something will break when we upgrade, it is *what* will 
break when we upgrade.    So, is Network Server release quality and 
security  according to the Apache Way and if not, what should we do 
about it? 

Kathey




Mime
View raw message