User: Password:
Subscribe / Log in / New account

Trolling - again

Trolling - again

Posted Jun 23, 2011 15:34 UTC (Thu) by clugstj (subscriber, #4020)
In reply to: Other projects who find security holes in their code would do well to follow his lead here. by PaXTeam
Parent article: A hole in crypt_blowfish

This is one bug in a very old/stable piece of code. The time to investigate all of the security implications of it is relatively small. Now multiply this by the number of versions of the Linux kernel that are "supported" and by the rate of change of that code. The Linux kernel developers would spend all of their time investigating possible security implications of bugs instead of fixing them.

Running any kernel that you've just downloaded form is inherently risky - we all know that (or should). That's why we have Debian/RedHat/SuSE/etc.

Linus and friends are not your personal security risk assessment team.

(Log in to post comments)

Trolling - again

Posted Jun 23, 2011 20:42 UTC (Thu) by PaXTeam (guest, #24616) [Link]

maybe actually try to read the entire paragraph i quoted from? ;)

Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds