[TUHS] SunOS code?

Chet Ramey chet.ramey at case.edu
Thu Sep 6 01:36:48 AEST 2018

On 9/5/18 11:26 AM, Warner Losh wrote:

>     On 9/5/2018 2:31 AM, Gilles Gravier wrote:
>     > It's the common example that I use to tell people that opensourcing
>     > software makes it more secure because the good guys have access to the
>     > source code at the same time as the bad guys, which gives them a fair
>     > chance to fix bugs before the bad guys use them.
>     Bash/Shellshock kinda proves that premise incorrect, although it's
>     pretty much the worst-case example, but still...  ;)
> I'm not sure it does. It proves that bugs aren't instantly found, true. It
> doesn't provide perfection, but does make it easier to find / fix bugs
> before the bad guys. How long would such a bug have languished it if were
> buried inside of DCL.B32 instead of being out in the open?

It proves that if there is someone who has an idea, or who thinks about a
thing in new ways, he can verify his suspicions without too much trouble.
The barrier to investigation is lowered.


``The lyf so short, the craft so long to lerne.'' - Chaucer
		 ``Ars longa, vita brevis'' - Hippocrates
Chet Ramey, UTech, CWRU    chet at case.edu    http://tiswww.cwru.edu/~chet/

More information about the TUHS mailing list