why BSDs got no love (and why security gets no love)
Charlie Kester
corky1951 at comcast.net
Tue Dec 29 23:17:09 UTC 2009
On Tue 29 Dec 2009 at 14:51:23 PST Chad Perrin wrote:
>On Tue, Dec 29, 2009 at 12:39:01PM -0800, Charlie Kester wrote:
>>
>> One question, however. Are we prepared to back up the claim that the
>> "sexy" bits of PC-BSD are the least secure? Your argument depends on
>> that claim, since it's also implied in your description of development
>> team's priorities.
>
>Define "we". As I'm not a core developer for FreeBSD, nor anyone in a
>position of official representation of either the OS development project
>or the Foundation, my statements in the article should not be taken as
>necessarily indicative of anyone's opinions but my own.
I said "we" rather than "you" because I agree with your argument. :)
>
>The claim about the "sexy" bits of PC-BSD is based on my experience with
>tarted-up GUIs and "feature-rich" software. It is intended as a
>generalization rather than a categorical statement of absolute truth.
>
>All stuffy pedantry of mine aside, though, if you want to expand on
>your concerns, I'd be happy to read about them.
I was wondering if anyone has done a study of reported security holes
and if that data supports the assertion that the "sexy" GUI stuff PC-BSD
adds was more likely to be involved than the base OS.
But even if there hasn't been any such study, I think it would be
worthwhile to flesh out your assertion with a few examples of the kind
of security problems that arise when the "sexy" stuff is used.
As I said above, I think the argument stands or falls on our ability to
defend this point.
More information about the freebsd-advocacy
mailing list