Is Firefox a Good Thing?

[Christopher Aillon]

Andy Green wrote:
> Christopher Aillon wrote:
> 
>> The kernel has more vulnerabilities[1] than this user-space 
>> application does.  Let's reconsider having that in the distro, too.
> 
> With respect this is not a good response to my question.  How many 
> kernel problems are remote-exploitable?  Does the kernel of itself visit 
> random external "scripts" on the Internet and execute what it finds 
> there?  No.  But a browser is designed to do such actions.  If we really 
> do talk about code of such complexity that "MASSIVE changes which took 
> several architects months to perfect, and it STILL caused 10-20 
> regressions" it's a lot more frightening to hear that about usermode 
> code that exists to go out to a potentially hostile Intenet on behalf of 
> a logged-in user than it is to hear the same about a kernel where the 
> vast bulk of vulns are local only.  Objectively, looking at your 
> description of security fixes on the beast, shouldn't people take pause 
> at a creature that is so complex and poorly understood, but is our main 
> proposed way of interfacing to the good and evil of the external world?

You're grossly overreacting.  If you re-write the way the browser 
interfaces with the JavaScript DOM completely, and only 10-20 bugs 
surface, I'd say you did a pretty damn good job.  The issue and code is 
extremely well understood by those that need to understand it, myself 
included as I discovered and provided a workaround for this issue while 
I interned at Netscape.  As an intern, I just didn't have the time to 
fix it properly, and still don't have time to backport it if I'm 
expected to do all I do as it is.

There's always a potential for security problems when you don't control 
the input you get.