On Sun, Aug 17, 2003 at 12:26:54PM -0500, David Phillips wrote:

> Yeah, because open source projects _never_ have security holes that need
> patching.
> 

The difference is, no open source software comes with a built in virus
factory. You didn't hear the media (in the first hour or two) saying
'Oh my! Could this be because of the latest Apache bug!?', but I did hear
a few 'It's possible this is related to the latest microsoft worm'

Nobody ever claimed open source was bug free, the point is that you can
_see_ the source, find bugs, and fix them yourself. open source vendors
are held to a higher standard because the code is out there for everyone
to see -- they can't ignore blatantly bad coding and expect to get away
with it (as companies like MS do). 

Has sendmail/apache/* had a number of critial exploits? Yes.

Do people block the ports used by open source software/OS's because of
those exploits? No. (Unlike Windows, where a majority of the internet
has started filtering 80, 135-139, 445, 1433 to downstream consumers
due to rampant exploitation of a neverending number of vulnerable 
windows PC's)

[snip troll bait]

-- 
Matthew S. Hallacy                            FUBAR, LART, BOFH Certified
http://www.poptix.net                           GPG public key 0x01938203

_______________________________________________
TCLUG Mailing List - Minneapolis/St. Paul, Minnesota
http://www.mn-linux.org tclug-list at mn-linux.org
https://mailman.real-time.com/mailman/listinfo/tclug-list