John Summerfield wrote:
Les Mikesell wrote:
John Summerfield wrote:
and I note that RH doesn't highlight security at all, that's I could
find in three clicks.
http://www.redhatmagazine.com/2007/04/18/risk-report-two-years-of-red-hat-enterprise-linux-4/
is possibly self-serving but seems pretty realistic to me.
My point, for those who seem to have missed it, is that on the others
security is considered a top goal and highlighted as such on the home
page. I similarly excluded FreeBSD because it's not highlighted as a top
requirement. I also excluded Debian - freeness drives the Debian
project, usability drives Ubuntu.
Agreed, but you have enough experience to know that good intentions and
strict attention to narrow goals don't produce the best results every
time. I'm much more comfortable with a project that recognizes that
unexpected security flaws may exist and has the ability to correct them
quickly than one that says that because an expert has looked over the
code, there can't be any security issues. You do need a balance, of
course and some tolerance for over-hype in project goals compared to
what is delivered.
--
Les Mikesell
lesmikesell@xxxxxxxxx
