On Wed, 2004-11-03 at 21:17 +1100, Jeff Waugh wrote: > A belief in what you've claimed is not shared by experienced sysadmins here, > and it flies in the face of security theory, let alone practice. I'd be > interested to find out how you came to believe this - it's a dangerous idea > that I hope is not widespread.
Hmmm. I have an objection to this statement. We need as many people who care about security reading the code as possible. Please do not discourage 'many eyes' from working. The fact that it may not be 'perfect' is irrelevant, everyone has a right to try and do their own thing. We have discussed economics and you have a point but security is not always subject to the same economics. Another example I signed off sudo as being 'secure' by full code review. Two days later a host of bugs were released for overruns. Did this make my review useless, no I had the chance to notice this and other things I failed to do the review well is my problem. One that I have worked on correcting, trying to understand where I went wrong, and I will continue to work on until I die (I hope). Worthwhile reading is David Wheelers papers on secure programming, very very interesting. The reason FOSS works is because many people have different ideas on things and work on 'their thing'. Tex for word processing or Openoffice.org, the choice is yours, different tools for different users or purposes. -- Ken Foskey -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
