在Linux稳定版发布的邮件列表上,一位开发者提到了关于修正bug安全影响的披露政策,并再三的强调安全。Linus Torvalds回贴中表示,安全漏洞臭虫只是众多臭虫的一种,过于拔高或赞美安全臭虫的修正者是走在错误的方向上。Linus大神称那帮整天炫耀 OpenBSD安全性的家伙其实是一群自慰的猴子,好像除了安全性,没有其它东西能让他们兴奋起来。安全是重要的,但不等于一切。
From: Linus Torvalds
Subject: Re: [stable] Linux
Newsgroups: gmane.linux.kernel
Date: 2008-07-15 16:13:03 GMT (18 hours and 8 minutes ago)
On Tue, 15 Jul 2008, Linus Torvalds wrote:
> So as far as I'm concerned, "disclosing" is the fixing of the bug. It's
> the "look at the source" approach.
Btw, and you may not like this, since you are so focused on security, one
reason I refuse to bother with the whole security circus is that I think
it glorifies - and thus encourages - the wrong behavior.
It makes "heroes" out of security people, as if the people who don't just
fix normal bugs aren't as important.
In fact, all the boring normal bugs are _way_ more important, just because
there's a lot more of them. I don't think some spectacular security hole
should be glorified or cared about as being any more "special" than a
random spectacular crash due to bad locking.
Security people are often the black-and-white kind of people that I can't
stand. I think the OpenBSD crowd is a bunch of masturbating monkeys, in
that they make such a big deal about concentrating on security to the
point where they pretty much admit that nothing else matters to them.
To me, security is important. But it's no less important than everything
*else* that is also important!
声明:本网站发布的内容(图片、视频和文字)以用户投稿、用户转载内容为主,如果涉及侵权请尽快告知,我们将会在第一时间删除。文章观点不代表本网站立场,如需处理请联系客服。电话:028-86922220;邮箱:631063699@qq.com。内容未经允许不得转载,或转载时需注明来源: 贝锐智能