LinuxMuse.com

Linux sure has a lot of security holes!!!
By: Greg on 2002-06-27 20:32:28
Section 1 - $OSSPACKAGE does NOT==Linux

< print >
< articles home > next >>

$OSSPACKAGE does NOT==Linux

This concept seems to be very difficult for people to understand, so I'll try to explain it here. Put simply, just because an application happens to be runnable on Linux, have been ported to Linux but not yet run on it, run via a scripting language that happens to also run on Linux, or any other possibility you can think of that doesn't directly involve the kernel, technically it is not part of Linux. Therefore, any bug or security flaw should not be attributed to Linux, but to the application. Now I'm going to bang off a couple rebuttals for common arguments to the above fact.

But using your argument, Linux is just a kernel!

That's right. This is a fact. But even if I went a step further, and was willing to include the gnu tools in what is dubbed Linux, one would find that security flaws in Linux are still very rare indeed.

But aren't many of the vulnerabilities for Windows vulnerabilities for some component such as the Media Player or Internet Explorer?

Yes they are. But this actually hurts your argument. Microsoft considers those applications part of Windows. They said so under oath many times during their anti-trust trial. They make it nearly impossible to uninstall them. You certainly can't choose not to install them in the first place. Therefore, they are considered part of Windows.

Now how about two case studies? First, the recent Apache security hole. I've seen many call this a hole in Linux. But the fact is Apache runs on tons of operating systems, including Windows! Clearly this is a flaw in Apache, not Linux. It is not forced as part of the install by any distributions I know of. And if it was, I would simply not use that distro. I like choice, and you get it with most distros.

Next, the OpenSSH bug. OpenSSH is written by the author of OpenBSD. It was ported to Linux and many other operating systems. A flaw in OpenSSH is not one in Linux. It is that simple.

< articles home > next >>






RedHat Linux mod_gzip Apache mysql PHP

Linux is a registered trademark of Linus Torvalds. Linux systems contain a large component of GNU Software, see www.gnu.org for details.

All other brand and product names are or may be trademarks of, and are used to identify the products and services of their respective owners.

All other content Copyright (C) 2002 Linux Muse. Powered by MagaMuse v0.3.5, (C) 2002 Greg Lincoln.

Other Legal Stuff ... Privacy Statement