Re: forwarded message from Jeff Licquia
Scripsit David Carlisle <davidc@nag.co.uk>
> LaTeX is a set of macros. It doesn't actually have any capabilities to
> do anything.
telnetd is a set of machine-language instructions. It doesn't actually
have any capabilities to do anything.
> Any effect of running latex on a document is a result of the macro
> expansion engine or the execution of the primitive commands
> into which latex constructs expand.
Any effect of running telnetd on a server is a result of a processor's
data path, or the execution of system calls embedded in telnetd.
> So any security issues in latex are not in latex itself (or LPPL'ed
> code) but must be due to issues in the underlying tex engine.
So any security issues in telnetd are not in telnetd itself, but must
be due to issues in the underlying machine language.
> As a compiled program with write access to the filesystem, that is
> of course subject to the usual raft of issues, but it isn't under
> LPPL, most of it is under a "don't change it if you are not Don
> Knuth" licence,
As a piece of silicon with an interface to the harddisk, that is of
cource subject to the usual raft of issues, but it is not under a free
license, most of it is under a "don't change this unless you are
Intel" licence.
Does this mean we should not be concerned about the ability to
distribute security fixes for telnetd if a security issue was
discovered?
--
Henning Makholm "Hele toget raslede imens Sjælland fór forbi."
--
To UNSUBSCRIBE, email to debian-legal-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: