Linked by Thom Holwerda on Tue 21st Aug 2007 18:19 UTC, submitted by SEJeff
Jeff Jones has published another one of his vulnerability scorecards comparing various operating system offerings. As always, these figures just list the patched vulnerabilities over the designated period of time; they do not take into account any unfixed or undisclosed vulnerabilities. Hence, these reports are not proper measurements of security - they are just that, a tally of fixed vulnerabilities. Any conclusions like "x is more secure than y" cannot be drawn from this data set. As always, do with it as you please.
Thread beginning with comment 264905
To view parent comment, click here.
To read all comments associated with this story, please click here.
To view parent comment, click here.
To read all comments associated with this story, please click here.
Recent Original Stories
Recent Comments
Headlines
Random Comments
Random Stories
Random OS Link
Member since:
2006-08-18
Doc Pain,
Yes unless the security features them self stop a user.
SELinux, for example, will--depending on setup--prevent programs from running in the first place, if SELinux detects the program doing something suspicious in or with memory addresses. The user has to go out of their way to disable the security context to that program before it will run. In some distros like Fedora, SELinux is just one level of projection amongst many.
For some this might be an annoyance but for others its a wake up call for them to do their research before downloading some unknown program from the internet.
That said you will remain in a pretty safe environment if you rely solely on "trusted" repositories for your application needs.
I can see the need for the security features for file transfers and email attachments.
Edited 2007-08-21 23:36