Re: Issues for configuration problems in the CVE
When I first had a student (Taimur Aslam) look at classifications of
problems, configuration errors fell out as one category. However, we
found there were some ambiguities with user interface error, and
incorrect documentation. If something is misconfigured because the
documentation is unclear (or wrong), is that a bug? If so, where?
In the software that doesn't match the documentation, or in the
documentation that doesn't match the software?
Sorry to raise these questions, but you are seeing some of the
territory we traversed a few years back..... :-)