Munir Nassar writes:
> i bet you ten bucks that somebody will find a security hole. it is not
> that i doubt your coding skills but it is a fact that security holes
> are a fact of life.

Only ten?  Care to make it interesting?  Security holes are not a fact of
life.  Security holes come from being ignorant, having poor / sloppy coding
skills and not being mindful of security.  It is not difficult to write
secure code in a scripting language.  If I was not certain that I could
write secure applications, then I would be looking for a new line of work.

> consider this:
> the openbsd hackers pride themselves in secure code... they code audit
> everything before it can be used. one could argue that they are
> security experts.

Consider this:  qmail, one of the most widely deployed MTAs, has never had a
security hole.  It was first released in January of 1996.

-- 
David Phillips <david at acz.org>
http://david.acz.org/


_______________________________________________
TCLUG Mailing List - Minneapolis/St. Paul, Minnesota
http://www.mn-linux.org tclug-list at mn-linux.org
https://mailman.real-time.com/mailman/listinfo/tclug-list