LISTSERV - HP3000-L Archives

HP3000-L Archives

April 1997, Week 3

HP3000-L@RAVEN.UTC.EDU

	LISTSERV Archives
	HP3000-L Home
	HP3000-L April 1997, Week 3

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	Re: Bug Fix or Enhancement?
From:	Jon Diercks <[log in to unmask]>
Reply To:	Jon Diercks <[log in to unmask]>
Date:	Fri, 18 Apr 1997 10:47:13 -0400
Content-Type:	text/plain
Parts/Attachments:	text/plain (50 lines)

At 06:39 PM 4/17/97 -0700, Phil ESGUERRA wrote:
>Can anyone define when a particular "feature" of a program that
>HP supports qualifies as either a "Bug Fix" or "Enhancement"?

(no relation to HP, so certainly *not* speaking for them...)

Somebody I know used to have a cartoon on his wall that had two frames; the
first frame had a picture of a cockroach, captioned "bug".  The second frame
had a picture of the same cockroach in a tux and top hat, captioned
"feature".  Pretty well sums up the general definitions for me ;> but read on...

I generally define as a bug anything that fails to function in the manner in
which it is either *documented* or *intended* to perform.  If there is
something that I think a product *should* do but doesn't, and there is
nothing to indicate that the product is *supposed* to do that, then that
would generally be considered an enhancement request.

Let's look at your specific scenario:

>However, it has a very dangerous security "feature". If another user tries
>to logon thru your PC to access his/her own Opendesk e-mail account, that
>user is able to access your messages residing on your PC. What
>makes this more dangerous is that the other user can enter a bad
>Opendesk password, and still be able to access your e-mail messages residing
>in your PC!  There is total absence of security!
>
>I called HP, and after about a week, they told me that "HP considers
>this to be an enhancement request, and thus, has no plans on changing it".

The question here becomes one of *intent*.  Was the email program in
question designed with the intent that it would be used by more than one
person on the same computer?  If so, you might be able to make the case that
the product's multi-user functionality has a flawed implementation in that
individual users' documents cannot be protected from unauthorized access.

But, if the product was never intended to be a multi-user program, then you
don't have much grounds for complaint; after all, other users of your PC can
also get at your word processing documents, spreadsheets, databases...
anything that is not password-protected and/or encrypted by software
designed for use in a multi-user environment.  There are specialized
security software packages available which allow you to password or encrypt
sensitive data on your hard drive so others can not see it.  Perhaps you
should consider supplementing your e-mail software with something like that.

________________________________________________________
Jon Diercks * Systems Manager         Computing Services
[log in to unmask] (PGP available)     Anderson University
http://rowlf.csv.anderson.edu/        1100 East Fifth St
(317)641-4305 * FAX (317)641-3851     Anderson, IN 46012

ATOM RSS1 RSS2

RAVEN.UTC.EDU