Full Disclosure mailing list archives
Re: [inbox] Re: RE: Linux (in)security
From: Dan Wilder <dan () ssc com>
Date: Thu, 23 Oct 2003 17:11:41 -0700
On Thu, Oct 23, 2003 at 05:15:07PM -0500, Paul Schmehl wrote:
Your arguments are nothing short of silly. In 2003 there have been 43 security advisories for SUSE Linux according to SUSE's website: http://www.suse.com/de/security/announcements/index.html RedHat has had 53 during the same time period: https://rhn.redhat.com/errata/rh9-errata-security.html Debian has had 176 during the same time period: http://www.debian.org/security/2003/ During the same time period, Microsoft has had 47. And those 47 include things like Exchange Server and SQL Server, not *just* the Windows OS.
<Chiming in on this thread against my better judgement> Among those advisories you mention on the Linux sites, I see subjects including tomcat4, openssl, freesweep, marbles, gopher, sendmail, mah-jong, wu-ftpd, exim, perl, phpgroupware, mutt, qpopper, squirrelmail. And many more that are similar in that they've no relationship with the OS save being shipped with it. Hardly *just* the Linux OS. Some of those packages mentioned on the Debian site were begun long before there _was_ such a thing as Linux. Even if you classify things like XFRee86 and Samba as being part of the OS for purposes of comparing with Windows, which features much tighter coupling between the OS and some of its services than do the UNIX-like OSs, I believe you're going to be hard-pressed to come up with 47 advisories against the OS. Or anything remotely near that number. Let's compare apples to apples, so to speak, if we're going to invest the effort in the first place, into making silly comparisons. -- ----------------------------------------------------------------- Dan Wilder <dan () ssc com> Technical Manager SSC, Inc. P.O. Box 55549 Phone: 206-782-8808 Seattle, WA 98155-0549 ICQ UIN 216717075 Publishers of Linux Journal ----------------------------------------------------------------- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- RE: [inbox] Re: RE: Linux (in)security, (continued)
- RE: [inbox] Re: RE: Linux (in)security Ron DuFresne (Oct 23)
- RE: [inbox] Re: RE: Linux (in)security Curt Purdy (Oct 23)
- RE: [inbox] Re: RE: Linux (in)security Michal Zalewski (Oct 23)
- RE: [inbox] Re: RE: Linux (in)security Ron DuFresne (Oct 23)
- Re: [inbox] Re: RE: Linux (in)security William Warren (Oct 23)
- Re: [inbox] Re: RE: Linux (in)security Ron DuFresne (Oct 24)
- Re: [inbox] Re: RE: Linux (in)security Jeremiah Cornelius (Oct 23)
- RE: [inbox] Re: RE: Linux (in)security Paul Schmehl (Oct 23)
- RE: [inbox] Re: RE: Linux (in)security Andy Wood (Oct 23)
- RE: [inbox] Re: RE: Linux (in)security Paul Schmehl (Oct 23)
- Re: [inbox] Re: RE: Linux (in)security Dan Wilder (Oct 23)
- Re: [inbox] Re: RE: Linux (in)security Paul Schmehl (Oct 23)
- Re: [inbox] Re: RE: Linux (in)security Peter Busser (Oct 24)
- Re: [inbox] Re: RE: Linux (in)security Shawn McMahon (Oct 24)
- RE: [inbox] Re: RE: Linux (in)security Arcturus (Oct 23)
- Re: [inbox] Re: RE: Linux (in)security Peter Busser (Oct 24)
- Re: [inbox] Re: RE: Linux (in)security Shawn McMahon (Oct 24)
- Re: [inbox] Re: Linux (in)security Chris Ruvolo (Oct 24)
- Re: [inbox] Re: RE: Linux (in)security Valdis . Kletnieks (Oct 24)
- Re: [inbox] Re: RE: Linux (in)security Henning Brauer (Oct 30)
- Re: RE: Linux (in)security Ron DuFresne (Oct 23)