Posted Nov 5, 2007 20:08 UTC (Mon) by man_ls
In reply to: Security bugs
Parent article: Daniel Bernstein: ten years of qmail security
OK, so you (and de Raadt) can go on treating all bugs as potential security holes. Meanwhile I (and the rest of the world) will go on assigning severity and impact to bugs, programming defensively, using defense in depth and the rest of accepted principles of secure programming. Yes, sometimes we will leave holes open -- but so will OpenBSD, and so will everyone else.
to post comments)