How FOSS projects are run - time for a rethink?

Discussion topics, Linux related - not requests for help

Moderators: ChriThor, LXF moderators

How FOSS projects are run - time for a rethink?

Postby ChriThor » Wed Nov 05, 2014 10:01 am

Hey everyone, here's a question for you all:
With the high-profile bugs and exploits hitting open source projects recently (e.g. Heartbleed, Shellshock and whatever the Drupal 7 exploit is called), do people think changes need to be made in how they are run?
Site admin
Posts: 117
Joined: Thu Jun 06, 2013 8:43 am
Location: Bath

Re: How FOSS projects are run - time for a rethink?

Postby guy » Wed Nov 05, 2014 4:05 pm

No. They are free, libre and open source, anybody can pick up a piece of code and run with it any way they want. That is the whole idea.

I think you are asking, should the wider society care more, even to the point of getting involved and working to improve the code they use? Here the answer is yes, yes and yes.

In particular, major organisations such as governments, big business and international charities need to put riders on their supplier contracts to provide a commitment to software security support. If every such body put just one employee full-time onto identifying and fixing security flaws in the FOSS they use, it would make a huge difference. It would also repay those bodies a thousand times over on reduced costs of dealing with compromises.
"Klinger, do you know how many zoots were killed to make that one suit?" — BJ Hunnicutt, 4077 M*A*S*H
LXF regular
Posts: 1227
Joined: Thu Apr 07, 2005 12:07 pm
Location: Worcestershire

Re: How FOSS projects are run - time for a rethink?

Postby johnhudson » Wed Nov 05, 2014 8:46 pm

I don't think it's a matter of rethinking how they are run. There has been a lot of research which has set out the key principles. The issue is getting people to adopt good practice.
LXF regular
Posts: 893
Joined: Wed Aug 03, 2005 1:37 pm

Return to Discussion

Who is online

Users browsing this forum: No registered users and 1 guest