-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On May 19, 2004 11:51, Shawn wrote: > So, I guess it comes down to this: Everyone needs to strive for better and > more secure code/applications/environments.
indeed. secure environments give the biggest bang for the buck, however, since the end developer gets the improvements "for free" (as in, it doesn't rely on them doing the right thing) unfortunately, people continue to code things in, for instance, C which shouldn't be. i know people who are still using C for CGI-drivne web applications. and yes, they have security problems. no kidding, you say? hopefully in a few years time writing end user desktop apps in "safer" languages such as Python and Ruby will be the status quo. hopefully developers will pay attention to the methods they employ when writing software more, and hopefully they will choose to leverage pre-existing functionality where and when possible rather than reinvent the wheel (and start the bug/security fixing process all over again =) > However the bottom line will > come into play eventually - and the end user will foot the bill every time, > in one way or another. as an end user of Apache, how have you "footed the bill" for it's relatively good security history? (one could replace "Apache" with numerous other bits of software, of course =) - -- Aaron J. Seigo GPG Fingerprint: 8B8B 2209 0C6F 7C47 B1EA EE75 D6B7 2EB1 A7F1 DB43 while (!horse()); cart(); -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2-rc1-SuSE (GNU/Linux) iD8DBQFArUHB1rcusafx20MRAhWVAJ9XSTpPCvL2emgxSvKhb+uYLEIpKwCgqmkc LBRbL2f9Bzv3Imi1sRriw38= =v/za -----END PGP SIGNATURE----- _______________________________________________ clug-talk mailing list [EMAIL PROTECTED] http://clug.ca/mailman/listinfo/clug-talk_clug.ca
