|
|
|
|
|
|
by rkangel
3370 days ago
|
|
|
> dpkg -l | grep '^ii lib'|wc -l lists over 2000 libraries I have installed, lot of them written in C That '2000' number is not the relevant one here. The reason that security is important wrt Curl is that Curl is used to access the internet. Security in the library used to print colours to your terminal is a bit less important. It's those widely used, public facing libraries that need a good security story (and using a memory-safe language is a good start there). |
|
|
Printing colors still may provide an attack vector. Latest CVE in Ubuntu comes from a program that eject CD's (and needs root privileges to do so).