> Firefox is certainly way on the other end of the spectrum, second to only
> Internet Explorer in its number of exploits.
From what I know, the Linux kernel has about as many security flaws getting reported than the whole Mozilla source repository (of which Firefox is only a part, even though it uses a vast majority of it, as the Core code is used by all of Mozilla suite, SeaMonkey, Firefox, Thunderbird etc.) or maybe the kernel has even more.
That doesn't mean the kernel is very insecure, nor does it mean that for the Mozilla codebase. It's just that both a really huge piles of code doing an incredibly large amount of stuff - and yes, even rendering web pages as well as Gecko does is a very large and complex task to do.
It's much easier to create a project that does a fairly simple (even if important) job, such as an SMTP server or, say, a shell, without known security flaws than a system kernel or a sophisticated, modern web browser. Why? Just look at the amount of code involved and the dirty tricks you sometimes need to go thorugh to e.g. work with hardware and userspace (in the case of the kernel) or plugins and scripting (in the browser case).
That said, it's good that there are tools out there that have no really known security issues (yet), believing they'll never have is more dangerous than knowing you have to apply some patches now and then.
Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds