Re: Bug#323855: ITP: opencvs -- OpenBSD CVS implementation with special emphasis in security
Alec Berryman writes:
> Michael Poole on 2005-08-19 10:32:27 -0400:
>
>> OpenCVS has not yet identified any specific problem (except the GPL)
>> that the project would address.
>
> It has indeed. GNU CVS has a poor security record; OpenCVS plans not
> to.
What part of "specific" was unclear? I could plan to write an OS with
no security issues, but that is far from actually delivering such a
thing or identifying what flaws would go away. Besides, rewriting
software to fix security bugs while ignoring that same software's
gaping design flaws is short-sighted.
Michael Poole
Reply to: