Reaction score: 6,926
Reaction score: 304
Reaction score: 13
Reaction score: 1,669
I guess no one ever told Torvalds that bugs or not: the time between discovery and patching is the time when a system is vulnerable, and if you have a safety fallback (even one which would crash parts of the system) then it's still a lot better then having your system overrun.Torvalds post explained his attitude to security, namely that “security problems are just bugs” rather than opportunities to change the way the kernel behaves.
“The important part about 'just bugs' is that you need to understand that the patches you then introduce for things like hardening are primarly [sic] for DEBUGGING.”