Slashdot Mirror
Windows Developers Agree: Linux More Secure
theblackdeer writes "eWeek has an article up about an Evans Data Corp survey that the majority of Windows developers agree that linux is a more secure OS. "Linux scored high for innate security among respondents, more than two- thirds of whom 'use or target Windows with their code.' Indeed, only 23 percent of the developers were primarily Linux developers.""
Because it is possible to write an insecure program in Linux, Linux is less secure? What a total non-sequitur.
It is trivial to write the above program in any language on any platform; that has absolutely nothing to do with an operating system's security.
What you will notice, though, is that with most Linux/Apache setups, $input will run as user "nobody" or "apache", with very few privileges, so an additional local root exploit would be necessary to do real damage. Unix was designed from the start to allow untrusted users to run programs locally. Its also worth noting that some Windows services can be locked down the same way, but in general, a remote exploit on a Windows box will almost always give you Administrator access.
This was intended as humor, perhaps misunderstood by moderators. Of course OS-level security (where you depend on underlying OS code) is different from app-level security (where anyone writing the app can introduce serious holes).
Once again, wasn't intended as a flamebait.
I'll do better than that. How about the address and root password of a public Linux box. As seen in Linux Journal. Please feel free to log in and play around -- that's what it's there for. (I'm hoping that the fact that this is a second level comment in a not-posted-just-this-second article will help keep the poor box from getting slashdotted.) Sure, it's SELinux, not quite the same as an off-the-shelf RH boxed set, but what does Windows offer that's anywhere near this level of security?