The Case For Full Disclosure In The Linux Changelog

titurel writes: "This article on SecurityFocus takes up some interesting thoughts about how Alan Cox's choice not to unveil securitychanges in the kernel changelog could affect other developers." And Jon Lasser is no security dummy -- Along with Jay Beale, he's one of the guys behind Bastille Linux, and the author of the excellent Think Unix.

Westchester, NY = Hick town

i'm from NYC... peace yo

Hello this is Linus

I forgot my password so I have to post this AC. I wanted to let you all know that while it has been fun, I am hereby canceling the current licensing agreement for my kernel. Linux will no longer be licensed under the GPL but, as you will all be happy to know, you can still purchase the software. Pricing is $499.24 for the Home Edition and $1,295.42 for the Advanced Server. You must immediately stop using and destroy any old copies of my kernel that you may have. I know how much you all love my software and will understand that programmers have to eat too. Thanks, Linus.

Re:diff the code?

[Fruit]

... then you have to hide the fact that they are usefull for anything ...

"grammar nazi"? Oh, you're from Germany. Figures.

I am feeding a troll, oh well

[einhverfr]

Well, since I have no way to know if security holes
exist in the Linux kernel, I will have to switch
to another operating system that I can verify problems
with. Obviously if people think Linux can be run
in a production environment before, it won't be now.
Good thing for the BSDs at least. :)

OpenBSD says no REMOTE security holes in 4 years in the default installation. This is a far cry from saying now holes.

I really respect *BSD. In many instances, I think that it is somewhat more mature for some tasks than Linux. However, that does not change the argument that OpenBSD is secure because of distrobution issues more than kernel issues. And there are similar Linux distributions, such as Trustix which apply the same mentality. You, sir, are a troll.