期刊名称:International Journal of Computer Technology and Applications
电子版ISSN:2229-6093
出版年度:2012
卷号:3
期号:1
页码:269-272
出版社:Technopark Publications
摘要:There's been a lot of debate by security practitioners about the impact of open source approaches on security. One of the key issues is that open source exposes the source code to examination by everyone, both the attackers and defenders, and reasonable people disagree about the ultimate impact of this situation. It's been argued that a system without source code is more secure because, since there is less information available for an attacker, hence it should be harder for an attacker to find the vulnerabilities. For open source software, security attention frequently focuses on the discovery of vulnerabilities prior to release since source code can be viewed freely and users can identify ,fix and make the general public aware of the vulnerabilities and thus in many people’s minds, is the idea that , this makes the system more secure. In this paper we investigate this common misconception and reveal the security vulnerabilities in open source software
关键词:- Security practitioners; open source; source code; vulnerability
