Re: Security: OpenWRT vs. Debian [Was:] Re: Linux router AP with reserved IPs on wlan0?

To: Celejar <celejar@gmail.com>
Cc: debian-user <debian-user@lists.debian.org>
Subject: Re: Security: OpenWRT vs. Debian [Was:] Re: Linux router AP with reserved IPs on wlan0?
From: Dan Ritter <dsr@randomstring.org>
Date: Mon, 8 Feb 2021 09:57:13 -0500
Message-id: <[🔎] 20210208145713.GC8995@randomstring.org>
In-reply-to: <[🔎] 20210208093548.e8004acda15e9b7655e7a8f7@gmail.com>
References: <[🔎] 20210206102908.4674.qmail@rahul.net> <[🔎] 20210208022332.GA25789@anthropohedron.net> <[🔎] 20210208114123.GA8995@randomstring.org> <[🔎] 20210208080516.04ff882b67267f88c9ed523c@gmail.com> <[🔎] 20210208133634.GB8995@randomstring.org> <[🔎] 20210208093548.e8004acda15e9b7655e7a8f7@gmail.com>

Celejar wrote: 
> On Mon, 8 Feb 2021 08:36:34 -0500
> Dan Ritter <dsr@randomstring.org> wrote:
> 
> > OpenWRT's security process doesn't look as terrible as it used
> > to be, but it doesn't really look good right now, just trying to
> > be better.
> 
> Again, let's look at specific examples of vulnerabilities present in
> both OpenWRT and Debian, and compare the projects' responses. I gave
> you one timely example: OpenWRT's SA for the dnsmasq vulnerabilities
> was issued about two weeks before Debian's.
> 
> You feel that OpenWRT's security process "doesn't look good." Based on
> what? Can you provide a vulnerability that affects their software that
> they dropped the ball on?

No, thanks. I don't need to poke at OpenWRT any further.

I already have a Debian firewall that has had good security
support from Debian since 2014; I see no reason not to continue
using it until the hardware fails. At that point, I will buy
another relatively small fully supported Debian box, and carry
on. Among other benefits, it means that all the machines at home
have the same procedures and can be used as testbeds for each
other. E.g. the music-playing machine in the living room is now
testing out Bullseye.

I can be glad that OpenWRT has improved their security practices
and simultaneously not be interested in using it.

-dsr-

Reply to:

Follow-Ups:
- Re: Security: OpenWRT vs. Debian [Was:] Re: Linux router AP with reserved IPs on wlan0?
  - From: Celejar <celejar@gmail.com>

References:
- Linux router AP with reserved IPs on wlan0?
  - From: conover@rahul.net (John Conover)
- Re: Linux router AP with reserved IPs on wlan0?
  - From: Gregory Seidman <gsslist+debian@anthropohedron.net>
- Re: Linux router AP with reserved IPs on wlan0?
  - From: Dan Ritter <dsr@randomstring.org>
- Security: OpenWRT vs. Debian [Was:] Re: Linux router AP with reserved IPs on wlan0?
  - From: Celejar <celejar@gmail.com>
- Re: Security: OpenWRT vs. Debian [Was:] Re: Linux router AP with reserved IPs on wlan0?
  - From: Dan Ritter <dsr@randomstring.org>
- Re: Security: OpenWRT vs. Debian [Was:] Re: Linux router AP with reserved IPs on wlan0?
  - From: Celejar <celejar@gmail.com>

Prev by Date: Re: Security: OpenWRT vs. Debian [Was:] Re: Linux router AP with reserved IPs on wlan0?
Next by Date: Re: Strange statistics from gparted
Previous by thread: Re: Security: OpenWRT vs. Debian [Was:] Re: Linux router AP with reserved IPs on wlan0?
Next by thread: Re: Security: OpenWRT vs. Debian [Was:] Re: Linux router AP with reserved IPs on wlan0?
Index(es):
- Date
- Thread