On 9/3/11 4:04 AM, James A. Donald wrote:
Torvald trusts some people, each of which trusts some more people - but he also trusts them to check the code.
Unfortunately, we know that at least David Miller doesn't actually check the code. The Linux TCP/IP stack is full of bugs, and even those reported don't get fixed in anything like a timely manner.
Suppose that there is a bad apple. The bad apple can socially engineer his code into the source tree by leveraging his relationships, but in so doing, if he gets caught, will burn those relationships.
Naw, doesn't seem to have any affect on the relationships. So-called reputation and trust is severely overrated. _______________________________________________ cryptography mailing list [email protected] http://lists.randombit.net/mailman/listinfo/cryptography
