Re: Dynamically Enable Xwindows?
- From: Igor Sobrado <igor@xxxxxxxxxxxxxx>
- Date: 29 Sep 2006 20:48:35 +0200
jKILLSPAM.schipper@xxxxxxxxxx wrote:
Nah, fat chance. Firefox is big, and not all of its developers are
security-conscious enough. Coverity appears to be quite good, and will
likely find quite a few bugs; but I'll not be convinced those are the
last.
Agreed, Coverity shows some "possible" bugs in the code (of course,
a security conscious programmer must manually audit each warning
to see if it is a real bug). On the other hand, a security conscious
programmer will not only make few bugs (making automatic auditing
processes of the source code less important) but will also make few
"undetectable" bugs.
I fully agree with you, Firefox is too large and not all programmers
working on that project are security conscious. It will never be
as secure as a small project managed by security conscious programmers.
Though some context helps here - since I've booted this machine 30
minutes ago (it's a laptop), I've run rtin, dillo, ssh, svn, some random
shell commands, and now mutt and vim. Of those, the latter is the only
one I've ever had to upgrade due to security problems.
Bugs can be found on places that are difficult to believe. I suppose
that the bug you patched is related with the permissions or owners of
files created using that editor. :-)
I usually prefer staying at the software provided with the operating
system. vim has a lot of nice extensions to vi, indeed, there is some
people here, in the Department of Mathematics, using vim and it can be
certainly highly customized (e.g., for TeX), but I prefer staying at
something that is portable to any computer running Unix (i.e., plain vi).
If it means "software written by the BSD development teams" (either
FreeBSD, NetBSD or OpenBSD)... excellent! I usually trust on the
software maintained by these teams. In any case, I try to minimize
the amount of external software added to the system.
A good friend of me observed some time ago that mutt was an excellent
choice for security conscious users. I certainly believe it is a
highly secure MUA... however on my computer, I am running nmh instead.
I am interested in returning to mail/uuencode again, but the amount
of violations to mail standards that are being accepted these days make
returning to the original Unix mail system a real nightmare. MUAs are
some of the few components of a Unix system that, sadly, must be replaced
in most cases.
Cheers,
Igor.
.
- Follow-Ups:
- Re: Dynamically Enable Xwindows?
- From: jKILLSPAM . schipper
- Re: Dynamically Enable Xwindows?
- From: dfeustel
- Re: Dynamically Enable Xwindows?
- Prev by Date: Re: 3.9 Links package broken?
- Next by Date: Re: Dynamically Enable Xwindows?
- Previous by thread: Re: 3.9 Links package broken?
- Next by thread: Re: Dynamically Enable Xwindows?
- Index(es):
Relevant Pages
|
