On Fri, Dec 24, 2021 at 2:11 PM Jon Brase <jon.br...@gmail.com> wrote: > They're not talking about it in the context of log4j itself, they're > talking about it in the context of other open source projects, that > don't have something like the Apache foundation behind them, that > are critical infrastructure, but have one or two maintainers working > on them as a labor of love alongside a day job, and the potential, > as such projects become legacy software, for them to still be > half-maintained (and maybe maintain a significant user base) long > after an institutionally maintained project would have officially > been EOLed. > > And there is something of that kind of risk with any DOS variety > still in use. Any remote execution vulnerability, through any > network-aware DOS software, is basically automatically a remote root > vulnerability by the nature of the system. Now, most FreeDOS users > are probably using it for retrogaming and such and not for anything > business-critical, but anybody using it in an embedded setting needs > to be really careful about exposing it to the network. > > I really wonder how that would effect DOS, after all there is no > web interface, nor any Java in (Free)DOS. So (without having watched > this rather long video yet), any such conclusion seems to be a bit > far fetch IMHO...
The statement in the video (starts at about 24:00, for others who want to watch it) was awkwardly made. This person makes the statement that some open source projects should just shut down rather than keep going (I'm paraphrasing broadly here). And gives the example of "If MS-DOS were open source" he opines that it shouldn't go on. Putting aside the fact that Microsoft did eventually release (early versions of) MS-DOS under an open source license, this guy is just wrong. Lots of people use DOS and FreeDOS to do useful things, like running classic DOS games or applications, and supporting some embedded systems or control systems. I usually try to see the other person's point of view - but in this case, he's off base. Whatever. Jim _______________________________________________ Freedos-user mailing list Freedos-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/freedos-user
