db-derby-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Kathey Marsden <kmarsdende...@sbcglobal.net>
Subject Re: 10.3 - to release or not to release?
Date Mon, 09 Jul 2007 22:41:18 GMT
Daniel John Debrunner wrote:
> The Apache Way includes:
>   - consistently high quality software
>   - security as a mandatory feature
What does "mandatory" mean?  Clearly network server was released without 
being secure and IMHO is still not secure, so does "mandatory" mean we 
should have never released it?  I have long worried about what a world 
wide probe on port 1527 might glean.  Incremental security fixes have 
meant and will continue to mean incompatibilities.  One user said to me, 
it is not *if* something will break when we upgrade, it is *what* will 
break when we upgrade.    So, is Network Server release quality and 
security  according to the Apache Way and if not, what should we do 
about it? 


View raw message