[TUHS] SunOS code?
Warner Losh
imp at bsdimp.com
Thu Sep 6 01:26:52 AEST 2018
On Wed, Sep 5, 2018 at 6:55 AM Arthur Krewat <krewat at kilonet.net> wrote:
>
>
> On 9/5/2018 2:31 AM, Gilles Gravier wrote:
> > It's the common example that I use to tell people that opensourcing
> > software makes it more secure because the good guys have access to the
> > source code at the same time as the bad guys, which gives them a fair
> > chance to fix bugs before the bad guys use them.
>
>
> Bash/Shellshock kinda proves that premise incorrect, although it's
> pretty much the worst-case example, but still... ;)
>
I'm not sure it does. It proves that bugs aren't instantly found, true. It
doesn't provide perfection, but does make it easier to find / fix bugs
before the bad guys. How long would such a bug have languished it if were
buried inside of DCL.B32 instead of being out in the open?
Warner
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://minnie.tuhs.org/pipermail/tuhs/attachments/20180905/5f005ff1/attachment.html>
More information about the TUHS
mailing list