[Date Prev][Date Next] [Thread Prev][Thread Next]
[Thread Index]
[Date Index]
[Author Index]
Re: Is Firefox a Good Thing?
- From: Andy Green <andy warmcat com>
- To: Development discussions related to Fedora Core <fedora-devel-list redhat com>
- Subject: Re: Is Firefox a Good Thing?
- Date: Fri, 13 Oct 2006 21:51:21 +0100
Christopher Aillon wrote:
The kernel has more vulnerabilities[1] than this user-space application
does. Let's reconsider having that in the distro, too.
With respect this is not a good response to my question. How many
kernel problems are remote-exploitable? Does the kernel of itself visit
random external "scripts" on the Internet and execute what it finds
there? No. But a browser is designed to do such actions. If we really
do talk about code of such complexity that "MASSIVE changes which took
several architects months to perfect, and it STILL caused 10-20
regressions" it's a lot more frightening to hear that about usermode
code that exists to go out to a potentially hostile Intenet on behalf of
a logged-in user than it is to hear the same about a kernel where the
vast bulk of vulns are local only. Objectively, looking at your
description of security fixes on the beast, shouldn't people take pause
at a creature that is so complex and poorly understood, but is our main
proposed way of interfacing to the good and evil of the external world?
-Andy
[Date Prev][Date Next] [Thread Prev][Thread Next]
[Thread Index]
[Date Index]
[Author Index]