On Sun, Aug 17, 2003 at 12:26:54PM -0500, David Phillips wrote: > Yeah, because open source projects _never_ have security holes that need > patching. > The difference is, no open source software comes with a built in virus factory. You didn't hear the media (in the first hour or two) saying 'Oh my! Could this be because of the latest Apache bug!?', but I did hear a few 'It's possible this is related to the latest microsoft worm' Nobody ever claimed open source was bug free, the point is that you can _see_ the source, find bugs, and fix them yourself. open source vendors are held to a higher standard because the code is out there for everyone to see -- they can't ignore blatantly bad coding and expect to get away with it (as companies like MS do). Has sendmail/apache/* had a number of critial exploits? Yes. Do people block the ports used by open source software/OS's because of those exploits? No. (Unlike Windows, where a majority of the internet has started filtering 80, 135-139, 445, 1433 to downstream consumers due to rampant exploitation of a neverending number of vulnerable windows PC's) [snip troll bait] -- Matthew S. Hallacy FUBAR, LART, BOFH Certified http://www.poptix.net GPG public key 0x01938203 _______________________________________________ TCLUG Mailing List - Minneapolis/St. Paul, Minnesota http://www.mn-linux.org tclug-list at mn-linux.org https://mailman.real-time.com/mailman/listinfo/tclug-list