Date: Tue, 29 Jun 2004 21:14:33 +0100 From: Paul Robinson <paul@iconoplex.co.uk> To: Kevin Lyons <kevin_lyons@ofdengineering.com> Cc: freebsd-chat@freebsd.org Subject: Re: "TrustedBSD" addons Message-ID: <20040629201433.GV34683@iconoplex.co.uk> In-Reply-To: <40E1B7A3.3040409@ofdengineering.com> References: <40E1A6C0.2040406@ofdengineering.com> <40E1B3B5.1020906@palisadesys.com> <40E1B7A3.3040409@ofdengineering.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Jun 29, 2004 at 01:40:35PM -0500, Kevin Lyons wrote: > Well, point being that more layers/lines of code added, the more > potential vulnerabilities. Myth. Which is more vulnerable to attack - the kernel that gets compiled when you build GENERIC, or a few lines that strcpy's some input recieved over a socket running as root? LOC is about as effective a measure of potential vulnerabilities as it is a measure of how productive a developer is or the quality of the design process - i.e. it's useless and the myth has been thrown around for god knows how long by people who really should know better.* Well-written code is well-written, no matter how many lines long it is. Ditto for badly-written code. I've seen 20-liners that could be broken by a competent 13-year old, and 20,000-liners that were impregnable. I am not alone. > I don't think we can say the FreeBSD or > TrustedBSD developers are any more exploit immune than other folks. Based on the number of security announcements over the last 5 years, I could argue very convincingly that the FreeBSD and TrustedBSD developers are far more exploit immune than the Microsoft OS developers. Of course, it would be complete bullshit, but that's not the point. :-) > Not ranting/trolling. Thanks for the info, that is good. As I said, i > have not installed/configured it yet. I have been noticing feaping > creaturism in freebsd as of late so I was simply concerned about it. "Of late"? You've *JUST* noticed? Wow. :-) * - yes, I know. I expect this now to explode into a silly thread. People really should know better. -- Paul Robinson http://www.iconoplex.co.uk/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040629201433.GV34683>