Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.server -> Re: PeteFinnigan.com - Oracle security advisory

Re: PeteFinnigan.com - Oracle security advisory

From: Oradba Linux <techiey2k3_at_comcast.net>
Date: Tue, 18 Jan 2005 21:22:19 -0500
Message-ID: <07CdnQBlkZyiWXDcRVn-iQ@comcast.com> 






"Mark D Powell" <Mark.Powell_at_eds.com> wrote in message
news:1106099242.135824.97710_at_z14g2000cwz.googlegroups.com...


> What good is a security alert that a specific feature has a potential

> security hole if the problem is not explained in enough detail that you

> can determine the realistic associated risk level?  Applying a patch

> set is a very expensive proposition.  Before we can apply a patch set

> to production we have to install it in a new directory structure in

> test, test hundreds of online and batch progrrams, and then get the

> necessary window for production.  I can not justify the cost with the

> limited information being given.

>

> -- Mark D Powell --

>




The thought is giving more information than that would be increasing the
risk.
Received on Tue Jan 18 2005 - 20:22:19 CST












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US