Vulnerability Development mailing list archives
Re: Delphi and buffer overflows
From: André Gil <andregil () di fct unl pt>
Date: Sun, 9 Apr 2006 01:52:45 +0100
Well, actually stating that something is secure because is compiled with Delphi or whatever other compiler is used I think is a really dangerous.
What about race conditions? What about stuff like if x < 10 then (and what will happen if x for some reason is under 0 and that was never thought off while developing and reviewing?).
What about not using least privilege?Well I guess you get the point. Stating something like that is just weird and dangerous.
André----- Original Message ----- From: "Gadi Evron" <ge () linuxbox org>
To: <Valdis.Kletnieks () vt edu> Cc: <Majid2k () SourceForge net>; <vuln-dev () securityfocus com> Sent: Wednesday, April 05, 2006 2:52 AM Subject: Re: Delphi and buffer overflows
Valdis.Kletnieks () vt edu wrote:On Sat, 01 Apr 2006 12:46:06 GMT, Majid2k () SourceForge net said:All Programs compiled in Delphi are secureExplain. Do tell. How does a language manage to be Turing-complete and at the same time provably secure? (Hint - Turing-complete includes the possibility of a program infinite looping, so at the very least, there's the possibility of a loop causing a DoS attack....) Or did Delphi use some different definition of "secure"?Valdis, I tend to like Delphi and agree with the guy, but you are 100% correct.That is because [especially] in the world of security the following words should be banned: all, every, never, etc.I bet that if you put a backdoor into a program written in Delphi it will no longer be 100% secure, right? That may be a bit of immature nitpicking, but really..
Current thread:
- Re: Delphi and buffer overflows Majid2k (Apr 03)
- Re: Delphi and buffer overflows Valdis . Kletnieks (Apr 04)
- Re: Delphi and buffer overflows Gadi Evron (Apr 08)
- Re: Delphi and buffer overflows André Gil (Apr 08)
- Re: Delphi and buffer overflows Alice Bryson (Apr 12)
- Re: Delphi and buffer overflows Nicolas RUFF (Apr 18)
- Re: Delphi and buffer overflows Alice Bryson (Apr 19)
- Re: Delphi and buffer overflows Gadi Evron (Apr 08)
- Re: Delphi and buffer overflows Valdis . Kletnieks (Apr 04)