Vulnerability Development mailing list archives
Re: C versus other languages, round 538 or so (Re: CGI scriptsin sh)
From: "Bluefish (P.Magnusson)" <11a () GMX NET>
Date: Tue, 26 Sep 2000 01:38:17 +0200
Also, I fail to see how most buffer overflows could be a design fault, perhaps you use the word in another sense than the one they've teach in the design courses I've taken.Software Design in Swedish would be called "Mjukvaruteknisk Planering". The purpose of planning your software architecture is to prevent the birth of security holes that are caused by insufficient software planning.
Software design is usually at class/module level, and later in the design at function level. In my experience I've never seen any design even dealing with possible overflow problems; how the programmer assigned a certain module implements a function is, usually, an implementation issue up to the programmer. Therefore, my opinion is that buffert overflows is clearly an implementation problem. Design decisions could be, e.g. using other API with easier (safer) functions, or designing the confinements. This can realisticly be part of the design. Doing a design which prevents programmers from creating overflowable functions would somehow have to include the entire code in the design, which would make the design impossibly hard to do. Another approach could to strictly define "no allowed" functions, such as strcpy etc. That would be somewhere in the middle of design and implementation I suppose :) The way I understand you, you're of the opinion that all bugs are design flaws and none are implementation faults? I really can't agree, esp in bigger project. It's a well know factor that different programmers can code the same module with very, very different results... ;)
A compiler does not change your software design while a "third party" executor might,
Uhmmm... First of, we have the compiler bugs. They aren't really *that* rare, but except in certain situation where optimization might cause problem for multithreading code (a fellow student got problem with that, his code worked in most compilers except a certain one). Additionally, many people trust binary-only compilers... If you are really paranoid, that's not a good thing :) (to be honest, I'm not that paranoid)
and you would be a fool to use untrusted and not fully tested libraries.
But, these arguments are the same for a script interpreter. They work the same and yes, in a few cases you might run into problem if you e.g. update the interpreter. Just as updating your libraries might cause problems unless you link staticly. I do not consider perl to be "untrusted and not fully tested" ..:::::::::::::::::::::::::::::::::::::::::::::::::.. http://www.11a.nu || http://bluefish.11a.nu eleventh alliance development & security team http://www.eff.org/cafe
Current thread:
- Re: Serv-U FTP deals makes connections with www.cat-soft.com, (continued)
- Re: Serv-U FTP deals makes connections with www.cat-soft.com Dimitry Andric (Sep 22)
- Re: CGI scripts in sh Crispin Cowan (Sep 21)
- Re: CGI scripts in sh Gordon Messmer (Sep 21)
- Re: CGI scripts in sh Lincoln Yeoh (Sep 22)
- Re: CGI scripts in sh Crispin Cowan (Sep 23)
- Re: CGI scripts in sh -jf- (Sep 22)
- C versus other languages, round 538 or so (Re: CGI scripts in sh) Bluefish (P.Magnusson) (Sep 23)
- Re: C versus other languages, round 538 or so (Re: CGI scripts in sh) Jonathan James (Sep 24)
- Re: C versus other languages, round 538 or so (Re: CGI scripts in sh) Bluefish (P.Magnusson) (Sep 25)
- Re: C versus other languages, round 538 or so (Re: CGI scriptsin sh) Jonathan James (Sep 27)
- Re: C versus other languages, round 538 or so (Re: CGI scriptsin sh) Bluefish (P.Magnusson) (Sep 27)
- Re: C versus other languages, round 538 or so (Re: CGI scriptsinsh) Jonathan James (Sep 27)
- Re: C versus other languages, round 538 or so (Re: CGI scriptsinsh) Bluefish (P.Magnusson) (Sep 27)
- Re: C versus other languages, round 538 or so (Re: CGI scriptsinsh) Jonathan James (Sep 28)
- Re: C versus other languages, round 538 or so (Re: CGI scriptsinsh) Reid Nichol (Sep 29)
- Re: C versus other languages, round 538 or so (Re: CGI scriptsinsh) Adam Clarke (Sep 28)
- Re: C versus other languages, round 538 or so (Re: CGI scriptsin sh) Ben Galehouse (Sep 30)
- Re: C versus other languages, round 538 or so (Re: CGI scripts in sh) Ben Galehouse (Sep 27)
- Re: C versus other languages, round 538 or so (Re: CGI scripts in sh) Jonathan James (Sep 27)
- Re: C versus other languages,round 538 or so (Re: CGI scripts in sh) Crispin Cowan (Sep 28)
- Re: C versus other languages, round 538 or so (Re: CGI scripts in sh) Ryan Masters (Sep 24)