Write to NVIDIA
Posted Oct 17, 2006 9:47 UTC (Tue) by NAR
In reply to: Write to NVIDIA
Parent article: Local root exploit in NVidia driver
The open source programs have more security advisory because people check the sources and send bug report. It is rare to found an exploit before upstream fix bugs.
I seem to recall that even Debian servers were compromised by a previously unknown local root exploit based on a kernel bug - and probably the kernel gets the most peer review, so the situation could be only worse for other projects. Anyway, I believe that the number of critical bugs does not depend directly on the methodology of development, it depends on the skill of the developers and their deadlines.
to post comments)