Ask the Expert

Bugs in different OS versions of OSS apps

When you make an open source app that can run on Windows and Linux, does that mean that any bugs in one version will cause vulnerabilities in the other version? For example, OpenOffice's recent patch has errors in the Windows version.

Requires Free Membership to View

This is a very hard question to answer as it depends on a lot of variables, like:

  • the application in question and
  • the nature of the vulnerability.

If the vulnerability is irrelevant to the operating system, for example an application that doesn't have appropriate access controls, then both the Linux and Windows variants may be vulnerable. But if the vulnerability relies on a particular operating system, like expecting a Windows-based kernel, then it is unlikely that the same vulnerability will impact Linux. But as mentioned, this is very arbitrary.

I would always err on the side of caution and carefully investigate any discovered vulnerability to determine all the possible combinations of operating systems, versions, and circumstances in which you might be vulnerable. Many of the security companies do this for you and I would recommend starting there if the vulnerability is known and documented.

This was first published in February 2007

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: