> From: discuss-bounces+blu=nedharvey....@blu.org [mailto:discuss-
> bounces+blu=nedharvey....@blu.org] On Behalf Of Micky Metts
>
> I am speaking at the GLADcamp Drupal conference in Los Angeles next
> month and wish to have part of my talk cover the benefits of Linux. I
At a drupal conference, talking about linux, you're surely going to promote
security. All code in the world has bugs in it. By being open source,
apache/nginx/php/mysql/postgres and the linux kernel all receive a LOT of code
review. Bug fixes and patches are released promptly, for free to anybody, and
you can follow various security mailing lists to be alerted to vulnerabilities
as they're discovered. By comparison, Apple and Microsoft and Oracle won't
provide that level of information, even for paying customers. As paying
customers, you just have to wait for whatever they release to you, and blindly
trust in their wisdom and benevolence. ("Trust in the transparency and
benevolence of Oracle, Apple, and Microsoft" is a slogan I don't foresee
catching on anytime soon.)
With vulnerabilities in everything, you must acknowledge, that even with
regular updates, you are in fact exposed and vulnerable. This is where
apparmor and selinux come in. They have defined behaviors that they expect
each application to behave under, and they prevent the application from
behaving in abnormal ways - so even if apache or nginx *does* get compromised,
very often the scope of damage is limited to that which you put into the
control of apache/nginx. Again, by default, these are included in major
distributions of linux for free, and by comparison, if you want such coverage
on windows, mac, solaris, there is either (a) no product offering, or (b) only
commercial offerings.
_______________________________________________
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss
