Date:      Tue, 12 Feb 2002 08:36:25 +0100
From:      "Anthony Atkielski" <anthony@freebie.atkielski.com>
To:        "Lorin Lund" <fbsd@wbs-inc.com>
Cc:        "FreeBSD Questions" <freebsd-questions@freebsd.org>
Subject:   Re: Breaking permissions on Windows 2000 (Server Edition)
Message-ID:  <00e901c1b397$fa0faf10$0a00000a@atkielski.com>
References:  <20020212062318.09D6120FDD@ns1.infowest.com>

Lorin writes:

> I can't personally verify every line of code
> because there are so many lines and I am only
> one man.

In that case, you must trust someone else to do it for you.

> But there are many people who have a chance to
> see open source code.

In other words, you must trust others.

> But there are people who donate time to auditing.
> These people must be motivated by honorable desire
> to have a solid clean product.

In other words, you must trust others.

> If you cannot comprehend that there are honorable
> people who would report trapdoors and security
> flaws then I am led to question whether you
> comprehend being honorable for the sake of civility
> and doing good.

You have not shown any flaw in my logic; your personal attack does not
support your assertion.

The logic is very sound:  Either you verify the code yourself, or you trust
someone else to verify the code.  There are no other options if you wish to
run trustworthy code.  It is important to remember this when evaluating the
security of information systems.

