On Sat Mar 03, 2001 at 07:07:09AM -0500, Jason Straight wrote:
> Not quite as bad as bind though ;)
Are you sure? Since 7.1 was released there have been three security
fixes for bind, but there have been six for Zope.
bind gets more "press" because it's more widely used than Zope, but
that doesn't necessarily make it worse than Zope. The implications of
the security problems in bind are worse because it's more widespread.
The problems in Zope are more numerous (there have been more
problems).
> > There are number of problems with Zope. It's pretty much impossible
> > to build/use with the version of python we are using right now
> > (although I believe that will be fixed in the near future by the
> > developers). It is also a horribly insecure package. Take a look at
> > how many updates to Zope there were last year alone (and one this
> > year) for 7.2.
> >
> > Personally, I wouldn't touch Zope with a ten-foot pole... they keep
> > finding security problems that apply to all versions of Zope, 2.3.x
> > and prior. Not worth using, I figure, if it has a worse track record
> > than wu-ftpd does. =(
--
[EMAIL PROTECTED], OpenPGP key available on www.keyserver.net
1024D/FE6F2AFD 88D8 0D23 8D4B 3407 5BD7 66F9 2043 D0E5 FE6F 2AFD
- Danen Consulting Services www.danen.net, www.freezer-burn.org
- MandrakeSoft, Inc. Security www.linux-mandrake.com
Current Linux kernel 2.4.1-15mdk uptime: 14 days 18 hours 6 minutes.
