Is Firefox a Good Thing?
Christopher Aillon
caillon at redhat.com
Fri Oct 13 23:24:55 UTC 2006
Andy Green wrote:
> Christopher Aillon wrote:
>
>> The kernel has more vulnerabilities[1] than this user-space
>> application does. Let's reconsider having that in the distro, too.
>
> With respect this is not a good response to my question. How many
> kernel problems are remote-exploitable? Does the kernel of itself visit
> random external "scripts" on the Internet and execute what it finds
> there? No. But a browser is designed to do such actions. If we really
> do talk about code of such complexity that "MASSIVE changes which took
> several architects months to perfect, and it STILL caused 10-20
> regressions" it's a lot more frightening to hear that about usermode
> code that exists to go out to a potentially hostile Intenet on behalf of
> a logged-in user than it is to hear the same about a kernel where the
> vast bulk of vulns are local only. Objectively, looking at your
> description of security fixes on the beast, shouldn't people take pause
> at a creature that is so complex and poorly understood, but is our main
> proposed way of interfacing to the good and evil of the external world?
You're grossly overreacting. If you re-write the way the browser
interfaces with the JavaScript DOM completely, and only 10-20 bugs
surface, I'd say you did a pretty damn good job. The issue and code is
extremely well understood by those that need to understand it, myself
included as I discovered and provided a workaround for this issue while
I interned at Netscape. As an intern, I just didn't have the time to
fix it properly, and still don't have time to backport it if I'm
expected to do all I do as it is.
There's always a potential for security problems when you don't control
the input you get.
More information about the fedora-devel-list
mailing list