i didn't elaborate on man_ls's strawmen because he missed the point entirely, so i didn't see
it important besides mentioning the fact (he was arguing disclosure policy like you do,
instead of that of consistency). now i just mentioned one, see somewhere above. satisfied? ;)
> If you announce to the world that something is a security bug then every
> script kiddies and their mom will know about it.
> If you are careful about keeping quiet it then distributors may miss a
> important security fix they need to provide to their end users.
you too didn't get the point. i don't care about the disclosure policy per se, i care about
being consistent, or shall i say, truthful about it. if Documentation/SecurityBugs says 'full
disclosure' then the people on that list had better practice it. if they don't, they should
say so in Documentation/SecurityBugs. above you're trying to argue about the disclosure
policy, feel free to take it to where it belongs, but it's not the subject of this discussion.
as for the rest of your post, does that really belong here?