[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: License of ROOT: acceptable for non-free?

Scripsit Craig P Steffen <craig@craigsteffen.net>

> It's an analysis package, analagous to Gnuplot.  I don't think that
> it does any network stuff at all, so I don't think that security is
> an issue.

Security is always an issue. If it's found out, for example, that the
program has a buffer overflow that leaves it vulnerable to an attack
through a malicious data file the user downloads from the net ("Here's
the raw data from my cold fusion experiment, in ROOT format! You do
the analysis yourself if you don't believe me!"), it would be a Good
Thing to be able to distribute a security patch - even though the
possible damage would be limited to the poor user's own account.

Henning Makholm                    "They want to be natural, the anti-social
                                 little beasts. They just don't realize that
                         everyone's good depends on everyone's cooperation."

Reply to: