Open source: is it secure?

samGwilliam · 02-27-2002, 06:54 PM

I was wondering about the security of open source software such as Apache, Mozilla, Sendmail, etc. I mean if they are open source then anybody could look at the code, look for holes and bugs and then exploit them for malicious purposes. Is this something that happens a lot? Or are there measures to prevent this sort of abuse?

02-27-2002, 08:51 PM

there are no measures to prevent this thats why it is open source... but as bugs are found they are patched wich leads to greater security...

heres an example of how full of **** microsoft is... there is an exploit that has been flaoting arround for a couple years that grabs passwords for netbios shares a feture used in many home networks, do you think microsoft patched this in XP no way sorry ther microsoft just doesnt give a **** about security

no-one · 02-28-2002, 01:03 AM

its at least as secure or better than anything MS puts out.

samGwilliam · 02-28-2002, 09:03 AM

Yes, but I mean is the fact that the source code is available for scrutiny a problem?

Govtcheez · 02-28-2002, 09:05 AM

> is the fact that the source code is available for scrutiny a problem?

Not usually - a lot of times, people that find the security holes will actually report back to the company and they'll fix it...

samGwilliam · 02-28-2002, 09:47 AM

That's good news. But are there any known cases of the holes being exploited for bad? There's the Unix worm, but I don't think that would count.

Govtcheez · 02-28-2002, 09:58 AM

> But are there any known cases of the holes being exploited for bad?

I'm sure there are, but, AFAIK, security's not a huge problem for open-source programs, at least how you're talking about it.

02-27-2002, 06:54 PM	#1
samGwilliam Budding Synth Programmer Join Date: Feb 2002 Location: Trefforest Posts: 368	Open source: is it secure? I was wondering about the security of open source software such as Apache, Mozilla, Sendmail, etc. I mean if they are open source then anybody could look at the code, look for holes and bugs and then exploit them for malicious purposes. Is this something that happens a lot? Or are there measures to prevent this sort of abuse?
samGwilliam is offline

02-28-2002, 01:03 AM	#3
no-one Has a Masters in B.S. Join Date: Aug 2001 Posts: 2,267	its at least as secure or better than anything MS puts out. __________________ ADVISORY: This users posts are rated CP-MA, for Mature Audiences only.
no-one is offline

02-28-2002, 09:03 AM	#4
samGwilliam Budding Synth Programmer Join Date: Feb 2002 Location: Trefforest Posts: 368	Yes, but I mean is the fact that the source code is available for scrutiny a problem?
samGwilliam is offline

02-28-2002, 09:05 AM	#5
Govtcheez Mayor of Awesometown Join Date: Aug 2001 Location: MI Posts: 8,826	> is the fact that the source code is available for scrutiny a problem? Not usually - a lot of times, people that find the security holes will actually report back to the company and they'll fix it... __________________ -Govtcheez govtcheez03@hotmail.com
Govtcheez is offline

02-28-2002, 09:47 AM	#6
samGwilliam Budding Synth Programmer Join Date: Feb 2002 Location: Trefforest Posts: 368	That's good news. But are there any known cases of the holes being exploited for bad? There's the Unix worm, but I don't think that would count.
samGwilliam is offline

02-27-2002, 08:51 PM	#2
Unregistered Guest Posts: n/a	there are no measures to prevent this thats why it is open source... but as bugs are found they are patched wich leads to greater security... heres an example of how full of ** microsoft is... there is an exploit that has been flaoting arround for a couple years that grabs passwords for netbios shares a feture used in many home networks, do you think microsoft patched this in XP no way sorry ther microsoft just doesnt give a ** about security

02-28-2002, 09:58 AM	#7
Govtcheez Mayor of Awesometown Join Date: Aug 2001 Location: MI Posts: 8,826	> But are there any known cases of the holes being exploited for bad? I'm sure there are, but, AFAIK, security's not a huge problem for open-source programs, at least how you're talking about it. __________________ -Govtcheez govtcheez03@hotmail.com
Govtcheez is offline

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
Open Source and Security	DavidP	General Discussions	17	06-17-2008 01:23 AM
Open Source Careers	JMJ_coder	General Discussions	11	05-05-2008 01:07 PM
Open Source Cell phones	abachler	Tech Board	9	03-21-2008 09:31 AM
Open source library for graphical presentation	Vogel	C++ Programming	1	09-20-2005 05:54 AM
open source	north pointer	Linux Programming	10	08-01-2002 06:35 AM