[Info-vax] C99 stuff (Re: The Road to V9.0)

[Arne Vajhøj]

On 6/9/2019 11:54 AM, Bob Gezelter wrote:
> On Sunday, June 9, 2019 at 9:06:44 AM UTC-4, Arne Vajhøj wrote:
>> It is also worth noting that commercial OS implies that
>> some part of the OS is not open source - it does not imply
>> that there is no open source in the OS.
>>
>> I would expect any general purpose commercial OS
>> to include huge amounts of open source today.
>>
>> If VSI started counting then I think they will find quite
>> a bit for VMS as well.
>>
>> Obviously all the application support stuff: Apache,
>> XML libs, Java etc..
>>
>> LLVM for compilers.
>>
>> I strongly suspect that the new password hashing will
>> be based on open source code not a clean room implementation
>> of the algorithm.
>>
>> Etc..
>>
>> And whatever changes these projects get from customers
>> will end up in VMS whenever VSI feels confident to take a
>> new version.
>>
>> Even though VMS is closed source.
>>
>> But I don't see that as a problem. This stuff will be pretty
>> well tested.
>>
>> Some customer tested it. Some other customers tested it. Official
>> project tested it. And VSI tested it.

> Not always the case, even for a popular and pervasive product. See
> the history of OpenSSL. Major players used the code as a core
> technology, but everyone took the path of presuming that everyone
> else was checking the code.

It has certainly happened.

But similar could happen for closed source.

> In Economics 100 (Introductory Economics here in the US). the problem
> is referred to as "Tragedy of the Commons". Something which belongs
> to everyone, has no responsible party, hence gets abused.

For closed source it is probably a more typical scenario
that developer think code is not ready but sales want to
ship is anyway.

Arne