On Wed, Oct 1, 2014 at 11:07 AM, Richard Pieri <[email protected]> wrote: >> Note that Multiple additional BASH security bugs have been found >> and/or fixed since they started looking harder in the last week.
> Which is not a bad thing as long as the people looking actually > understand what they are looking at and what they are looking for. It's > not so much the quantity of eyes as the quality of those eyes. Yes indeed. Unskeptical eyes are useless for security review no matter how multiplied. Open source doesn't guarantee unskeptical eyes early/often, but it's possible, unlike commercial closed source where it's forbidden (except when actively required by Military contract). -- Bill Ricker [email protected] https://www.linkedin.com/in/n1vux _______________________________________________ Discuss mailing list [email protected] http://lists.blu.org/mailman/listinfo/discuss
