Skip site navigation (1)Skip section navigation (2) 
Date:      Wed, 3 Jun 2009 17:29:39 +0200
From:      cpghost <cpghost@cordula.ws>
To:        Glen Barber <glen.j.barber@gmail.com>
Cc:        freebsd-questions@freebsd.org
Subject:   Re: Open_Source
Message-ID:  <20090603152939.GF1988@phenom.cordula.ws>
In-Reply-To: <4ad871310906030653o62d7e708w1a7be44334ab8dab@mail.gmail.com>
References:  <4ad871310906020843n3e7dc96ap28d5d622e844abf1@mail.gmail.com> <alpine.BSF.2.00.0906021757290.2065@wojtek.tensor.gdynia.pl> <20090603004914.73f40a60@gluon.draftnet> <alpine.BSF.2.00.0906030848330.49751@wojtek.tensor.gdynia.pl> <20090603091800.GA1177@phenom.cordula.ws> <alpine.BSF.2.00.0906031120260.50636@wojtek.tensor.gdynia.pl> <20090603102720.GB1349@phenom.cordula.ws> <alpine.BSF.2.00.0906031310420.51077@wojtek.tensor.gdynia.pl> <20090603133343.GB1988@phenom.cordula.ws> <4ad871310906030653o62d7e708w1a7be44334ab8dab@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help 
On Wed, Jun 03, 2009 at 09:53:07AM -0400, Glen Barber wrote:
> My colleagues never understood (nor do they to this day) my paranoia
> regarding security and untrusted code.  I always point them in the
> same direction:
> 
> http://cm.bell-labs.com/who/ken/trust.html

YES! An absolute classic. We're using it to teach sysadmin trainees
about trust and security very early on in their careers. Always
an excellent reminder.

Another perfect example that open source alone can't guarantee
security: I remember a CPAN perl module that used to warn you
that you shouldn't blindly install software as root without
checking it first. It didn't do anything harmful (really just
a 'warn'), but potentially, it could have wreaked havoc... at
least until someone spotted and reported it. I don't recall
exactly what module it was or if it is still in CPAN now, but
that was also a good reminder to be careful and use common
sense.

> Glen Barber
> http://www.dev-urandom.com
> http://www.linkedin.com/in/glenjbarber

-cpghost.

-- 
Cordula's Web. http://www.cordula.ws/

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20090603152939.GF1988>