[thelist] News Item: Major Security Flaw in CVS

[Frank]

At 10:07 AM 1/24/2003 +0000, you wrote:
>I wonder if that points up a weakness with the open-source code review
>process: people only spend time looking at code that's cutting-edge or
>"sexy", and telnetd clearly isn't sexy... At Microsoft (for example)
>programmers don't revisit and re-examine code because it's sexy; they do it
>because they're paid to. This might mean it's not done as thoroughly or as
>fast in many cases, but perhaps it guarantees that it's actually done at
>all!

That's an excellent point.