[haiku-development] Re: Security
- From: Ari Haviv <arielbhaviv@xxxxxxxxx>
- To: haiku-development@xxxxxxxxxxxxx
- Date: Mon, 1 Sep 2014 22:57:12 -0400
On Mon, Sep 1, 2014 at 5:15 AM, Wayne Peter Corwin <
wayne.peter.corwin@xxxxxxxxxxxxxxxx> wrote:
> Hi all.
>
> I don't see much talk about Haiku and security. In this day and age, a
> single-user rooted OS with a homegrown network library sounds a bit scary.
>
> I'd like to ask if multiuser capabilities (with a non-root user as
> default) are being implemented and if security audits will be performed
> before R1. Esp. the networking stack, since Haiku provides various network
> servers over known protocols, so a wide range of attack vectors are
> probably relevant for Haiku. I don't believe in security-by-obscurity :)
>
> I plan to use Haiku for real work, so security matters.
>
> Best wishes,
>
> - wcp
>
> Multi-user definitely needs to be implemented. But Haiku does have an
advantage that it is an entire system that is on Coverity's security
auditing. Other open source OS's are typically made out of various moving
parts and while some of those parts may be secure (such as the kernel),
other parts of the system may not have the same level of auditing.
Other related posts:
