Bugtraq mailing list archives
AW: Windows MS-DOS Device Name DoS vulnerabilities
From: "Martin Werner" <bugtraq () martinwerner de>
Date: Mon, 16 Jul 2001 12:30:59 +0200
Just want to give a new thought. Fact is, that on the one hand side, its merely impossible to write an safe ftp server using Microsofts Filesystem, because device names can cause trouble (and I think, this is not a bug, but it's been discussed) So I think, good coding practice is not using a function, you cannot be sure to work (noticed the incompatiblilities between different versions of windows etc.) In such a situation, the only safe thing one can do, is to a) change the whole behaviour of windows causing immense trouble porting applications. or better take it in your own hand. I think, that one has to write a flatfile engine, the faster, the better, that works with ! ! one ! file in the windows filesystem with a name, the coder choses and thinks to be secure. It could be a good open source project, to write a filesystem, that can be put into a binary file on any platform. A great step in compatibility between systems. Keep on testing software! Martin Werner P.S. Feel free to contact me at: www.martinwerner.de martin () martinwerner de
Current thread:
- Windows MS-DOS Device Name DoS vulnerabilities ByteRage (Jul 05)
- Re: Windows MS-DOS Device Name DoS vulnerabilities 3APA3A (Jul 06)
- Re: Windows MS-DOS Device Name DoS vulnerabilities ByteRage (Jul 06)
- Re: Windows MS-DOS Device Name DoS vulnerabilities Michael Poole (Jul 07)
- Re: Windows MS-DOS Device Name DoS vulnerabilities Alun Jones (Jul 07)
- Re[2]: Windows MS-DOS Device Name DoS vulnerabilities 3APA3A (Jul 07)
- Re: Windows MS-DOS Device Name DoS vulnerabilities Pavel Kankovsky (Jul 07)
- Re: Windows MS-DOS Device Name DoS vulnerabilities Dennis Jenkins (Jul 09)
- AW: Windows MS-DOS Device Name DoS vulnerabilities Martin Werner (Jul 16)
- RE: Windows MS-DOS Device Name DoS vulnerabilities David LeBlanc (Jul 16)
- Re: Windows MS-DOS Device Name DoS vulnerabilities 3APA3A (Jul 06)
- <Possible follow-ups>
- Windows MS-DOS Device Name DoS vulnerabilities richardca (Jul 07)
- Re: Windows MS-DOS Device Name DoS vulnerabilities ByteRage (Jul 07)
- Re: Windows MS-DOS Device Name DoS vulnerabilities Ewen McNeill (Jul 09)
- Re: Windows MS-DOS Device Name DoS vulnerabilities Dennis Jenkins (Jul 09)
- Re: Windows MS-DOS Device Name DoS vulnerabilities Peter Gutmann (Jul 10)