For what it's worth, but nevertheless ...
Popular open source projects such as Samba, the PHP, Perl, Tcl dynamic
languages, and Amanda were all found to have dozens or hundreds of
security exposures.
By Charles Babcock
InformationWeek
January 8, 2008 09:40 AM
http://www.informationweek.com/story/showArticle.jhtml?articleID=205600229&cid=RSSfeed_IWK_All
[...]
Linux came in with far fewer defects than average as did a number of
other open source projects. The version 2.6 of the Linux kernel had a
security bug rate of .127 per thousand lines of code. The kernel scan
covered 3,639,322 lines of code. As exposures were identified by repeated
scans, 452 defects have been fixed by kernel developers; 48 have been
verified but not yet fixed; another 413 remain to be verified and fixed,
according to code scanning results posted on the Coverity.
FreeBSD, sometimes posed as an alternative to Linux, has been slower to
respond to the Coverity scans. In 1,582,166 lines of code, it has fixed
zero defects, verified six and has another 605 to go.
x Tuomo:
--------
Linux user interfaces also came in for a thorough review. The KDE
interface contains 4,712,273 lines of code, has fixed 1,554 defects, has
verified another 25 and has only 65 to go. Gnome contains 430,809 lines
of code, has fixed 357 defects, verified 5 and has 214 to go.
[...]
Cheers,
/Roy
--
SSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSS tak ada rotan, akar pun jadi
SSSSS . s l a c k w a r e SSSSSS no rattans, roots will do [if you are
SSSSS +------------ linux SSSSSS desperate, you must not be choosy]
SSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSS