Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: is open source more secure ?
Special Forums Cybersecurity is open source more secure ? Post 302331190 by pludi on Saturday 4th of July 2009 01:25:36 PM
Old 07-04-2009
Both yes and no. On the one hand since a lot of people can take a look at the source it's harder to intentionally introduce malicious code. On the other hand, a lot of projects have no formalized security tests and rely on software that checks for certain patterns in the code that could introduce flaws.

The best example is the OpenSSL bug introduced in Debian because Valgrind reported uninitalized memory. The alledged "fix" reduced the overall randomness of the system because the coder and reviewers didn't see all the implications.
 

6 More Discussions You Might Find Interesting

1. Post Here to Contact Site Administrators and Moderators

open source for the forum

This is a slick looking forum. Any chance on making the code for the forum open source? (1 Reply)
Discussion started by: ecupirate1998
1 Replies

2. IP Networking

Open Source NMS

Hello there, I wanted to know the members' opinion about the best open source network management software which uses a web browser to show its interface and results. I am interested in the software for both windows and Linux OSs. Thanks. (4 Replies)
Discussion started by: Jawwad
4 Replies

3. UNIX for Dummies Questions & Answers

open source antivirus

Hello What is the best open source anti virus? Thanks (4 Replies)
Discussion started by: mohammadmahdi
4 Replies

4. UNIX for Dummies Questions & Answers

what is the best open source antispam?

Hello what is the best open source antispam? Thanks http://www.linuxforums.org/forum/images/smilies/icon_smile.gif (1 Reply)
Discussion started by: mohammadmahdi
1 Replies

5. Shell Programming and Scripting

Open Source

Hi Friends I'm new to this UNIX - I'm working on the porting project from Solaris To Linux i just want to map some commands from solaris to Linux so can any one please tell me how to get the source code of the commands like "ls", "cu", "du" Regards sabee (1 Reply)
Discussion started by: sabee.prakash
1 Replies

6. Fedora

Is UNIX an open source OS ?

Hi everyone, I know the following questions are noobish questions but I am asking them because I am confused about the basics of history behind UNIX and LINUX. Ok onto business, my questions are-: Was/Is UNIX ever an open source operating system ? If UNIX was... (21 Replies)
Discussion started by: sreyan32
21 Replies

LEARN ABOUT DEBIAN

module::cpants::kwalitee::distros

Module::CPANTS::Kwalitee::Distros(3pm)			User Contributed Perl Documentation		    Module::CPANTS::Kwalitee::Distros(3pm)

NAME

       Module::CPANTS::Kwalitee::Distros - Information retrieved from the various Linux and other distributions

SYNOPSIS

       The metrics here are based on data provided by the various downstream packaging systems.

DESCRIPTION

   Methods
       order

       Defines the order in which Kwalitee tests should be run.

       analyse

       kwalitee_indicators

       Returns the Kwalitee Indicators datastructure.

       o   distributed_by_debian

	   True if the module (package) is repackaged by the Debian-Perl team and you can install it using the package management system of
	   Debian.

       o   latest_version_distributed_by_debian

	   True if the latest version of the module (package) is repackaged by Debian

       o   has_no_bugs_reported_in_debian

	   True for if the module is distributed by Debian and no bugs were reported.

       o   has_no_patches_in_debian

	   True for if the module is distributed by Debian and no patches applied.

Caveats
       CPAN_dist, the name of CPAN distribution is inferred from the download location, for Debian packages. It works 99% of the time, but it is
       not completely reliable.  If it fails to detect something, it will spit out the known download location.

       CPAN_vers, the version number reported by Debian is inferred from the debian version.  This fails a lot, since Debian has a mechanism for
       "unmangling" upstream versions which is non-reversible. We have to use that many times to fix versioning problems, and those packages will
       show a different version (e.g. 1.080 vs 1.80)

       The first problem is something the Debian people like to solve by adding metadata to the packages, for many other useful stuff (like
       automatic upstream bug tracking and handling). About the second... well, it's a difficult one.

       CPANTS does not yet handle the second issue.

LINKS

       Basic homepage: http://packages.debian.org/src:$pkgname

       Detalied homepage: http://packages.qa.debian.org/$pkgname

       Bugs report: http://bugs.debian.org/src:$pkgname

       Public SVN repository: http://svn.debian.org/wsvn/pkg-perl/trunk/$pkg

       From that last URL, you might be interested in the debian/ and debian/patches subdirectories.

SEE ALSO

       Module::CPANTS::Analyse

AUTHOR

       Thomas Klausner <https://metacpan.org/author/domm> and Gabor Szabo <https://metacpan.org/author/szabgab> with the help of Martin Ferrari
       and the Debian Perl packaging team <http://pkg-perl.alioth.debian.org/>.

COPYRIGHT AND LICENSE

       Copyright X 2003X2009 Thomas Klausner <https://metacpan.org/author/domm>

       Copyright X 2006X2008 Gabor Szabo <https://metacpan.org/author/szabgab>

       You may use and distribute this module according to the same terms that Perl is distributed under.

perl v5.14.2							    2012-06-08				    Module::CPANTS::Kwalitee::Distros(3pm)
All times are GMT -4. The time now is 03:27 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy