91
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
this post was submitted on 23 Aug 2024
91 points (98.9% liked)
Linux
5232 readers
143 users here now
A community for everything relating to the linux operating system
Also check out !linux_memes@programming.dev
Original icon base courtesy of lewing@isc.tamu.edu and The GIMP
founded 1 year ago
MODERATORS
That's exactly how it works. Vulnerability found, reported and fixed in secret and when everything is in place everyone is informed to update.
I don't want to sound condescending, but what do you think all this talk about Rust and AI tools is about?
In the end you want to prevent all bugs from happening. Some filesystem bug randomly deleting data can be just as catastrophic as remote code execution.
And if some feature turns out to be a gaping security hole you'll quickly see it turn into a bug. That's what the quote is about. Every security issue is a bug so it has to be handled like a bug and squashed.
Priority in bugs exist independent of them being security related or something else. A critical bug will always get the highest priority fix.
Yeah I am aware. It's very good that they're looking at it and great that Linus is supportive and not a stuck-in-the-mud. Doesn't invalidate my comment thought. He's still saying security bugs are no worse than other bugs.
I mean... I don't think that's what he's saying. Nobody is saying not to fix security bugs...