by iudqnolq 1365 days ago
In theory, yes. In practice I'm very skeptical that maintainers can correctly backport patches without having a solid understanding of the source code. And I'm skeptical that maintainers can have a solid understanding of the source code without reading a substantial portion of it, and I know they haven't got the time to do that.

I’m sure what you’re saying happens. There are thousands of packages with maintainers of varying skill.

That said, the track record speaks for itself. I can only remember one time a maintainer introduced a vuln in Debian. The system works even though you’ll find cracks if you look.