On Thu, 19 Apr 2001, Phillip H. Zakas wrote:
the only open source operating system i've used (and continue to use) is openBSD. linux is awful from a security standpointl. the only downside is the security profile of openbsd: if it's even kind of risky, it won't be allowed to run. www.openbsd.org
The SMB problem is not a "Linux only" issue. Samba runs under all sorts of things, including BSD. Interestingly enough, the bug slipped through a number of third party security audits. It was introduced sometime in the 1.9.x code and was not found until very reciently. As for "Linux being horribly insecure", that depends on the distribution. There are some very secure versions of Linux. (Immunix is one. http://www.immunix.org/) Just running apps you think are secure is not enough. Does OpenBSD deal with format bugs? Temp races? Stack overflows? That only deals with the majority of problems, not all of them. It does not deal with mistakes in the protocol (as happened here) or mistakes in coding. OpenBSD does some good things, but it is not all that is out there.
-----Original Message----- From: owner-cypherpunks@Algebra.COM [mailto:owner-cypherpunks@Algebra.COM]On Behalf Of Jim Choate Sent: Thursday, April 19, 2001 3:11 PM To: cypherpunks@einstein.ssz.com Subject: The Register - Major SMB crack
Open Source software is more secure?...
http://www.theregister.co.uk/content/8/18370.html
-- Adapt, Adopt, Improvise! - Anonymous
Venimus, Vidimus, Delevimus - 1st Linux Motto, Anonymous
Tivoli Certification Group, OSCT James Choate jchoate@tivoli.com Senior Engineer 512-436-1062
alan@ctrl-alt-del.com | Note to AOL users: for a quick shortcut to reply Alan Olsen | to my mail, just hit the ctrl, alt and del keys. "In the future, everything will have its 15 minutes of blame."