On Sat, Jan 22, 2005 at 11:32:42AM +0100, Pavel Machek wrote: > Well, seccomp is also getting very little testing, when ptrace gets a > lot of testing; I know that seccomp is simple, but I believe testing > coverage still make ptrace better choice.
It's not testing that makes code more secure. Testing verifys the code works in production, but testing almost never helps to find security issues, and often not even hidden subtle race conditions. Check how many security bugs have been found with testing. Just go to bugtraq count them. I simply cannot relay on testing for the security part. I will relay on testing for everything else but not for this. - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
