this post was submitted on 10 Jul 2024
398 points (95.0% liked)

Linux

48692 readers
765 users here now

From Wikipedia, the free encyclopedia

Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).

Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.

Rules

Related Communities

Community icon by Alpár-Etele Méder, licensed under CC BY 3.0

founded 5 years ago
MODERATORS
398
submitted 5 months ago* (last edited 5 months ago) by [email protected] to c/[email protected]
 

Zed is a modern open-source code editor, built from the ground up in Rust with a GPU-accelerated renderer.

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] -2 points 5 months ago (1 children)

Thats not the point. Why should you trust anything from this project after they would allow third party unsigned binaries from questionable sources

[–] [email protected] 19 points 5 months ago (1 children)

Because people can make make mistakes...

Loads of important projects have had vulnerabilities that showed up through minor mistakes and oversights. I agree that this shouldn't happen, but it did. I'd still prefer this project to a closed source editor/IDE and even VSCodes method of having a store full of plugins, many of which are closed source and unverified. The project is in alpha, mistakes and problems are expected. This was obviously an oversight, and after being pointed out, it is being addressed.

Can you elaborate on questionable sources? All the sources I saw were the official sources of the binaries they wanted to download.

[–] [email protected] 4 points 5 months ago (1 children)

Deliberately making your program download unsigned binaries from questionable sources is more of a bad design than an oopsie in my book

[–] [email protected] 2 points 5 months ago

Again, the binaries aren't from questionable sources. From what I can tell they all come from the official source. The problem is them being unsigned, which is a simple oversight that can be made when something is being written by someone who is not security minded. It is alpha software and this is already actively being discussed.