At Mon, 11 Oct 2010 20:30:04 +0800 CentOS mailing list centos@centos.org wrote:
I have the same problem on it . Isn't the CentOS very safe?
If you apply ALL of the security updates as they become available. ALL O/Ss have security updates from time-to-time (what do you think those MS-Windows 'Service Packs' are?).
In the case of CentOS (and Linux in general), the security updates are generally released *before* some cracker writes an exploit, where as with MS-Windows the updates show up like 6 months *after* some cracker has trashed a zillion PCs and recuited them into an army of zombies and incorporated them into a botnet.
The reason for the more timely updates with Linux is that it is open source, and "with enough eyeballs, all bugs are shallow" (I am not totally sure if this is a quote from Eric Raymond or Linus Torvalds). There are *lots and lots* of people looking over the code looking for mistakes (bugs). There are *always* bugs in any non-trivial piece of software -- no non-trivial piece of software is perfectly bug free. Us programmers *try* to write the best code we can, but sometimes stuff slips through the cracks... The operating system itself (the kernel) is a very complex piece of code. Plus there are all of the additional bits and pieces that people use for everyday tasks, many of these pieces of software are fairly complex all on their own.
Also, since Linux is not a monolithic blob (like MS-Windows), much of the everyday software is maintained by a whole batch of different people and each piece of software has a different schedule of update releases, so there are updates (security and otherwise) released at different times. Red Hat / the CentOS team release these updates as soon as they become available (and have been quality tested, etc.).
MIME-Version: 1.0
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos