Firewall Wizards mailing list archives

Re: FWTK and smap/smapd


From: "Marcus J. Ranum" <mjr () ranum com>
Date: Fri, 19 Jul 2002 10:24:36 -0400

Joseph S D Yao wrote:
without commentary providing what you might call the specifications or design,
or the social contract between the programmer and the user, there is
nothing against which you can hold a piece of code and say, "THIS IS
WRONG!"  Code is amoral; it has an inherently situational ethic; such
that even the grossest of buffer overflows can only lead us to conclude
that the code does it, therefore the code does it.  We must provide and
communicate the moral absolutes against which the code is measured
right or wrong.  And we can communicate this on dead trees, or in
living commentary.

Hmmm... you've convinced me.  I hadn't looked at it from that
angle before.

I guess what was motivating my opinion was some awful early experiences
I had at a small security company where they had folks assigned to audit
UNIX/C code who didn't know anything about UNIX or C. That left an
indelible impression on me. :)  In retrospect I'm sure it was just because
those staffers had billable hours to expend and that was it. But ever
since then I figured that if you gave people like that commented code
they'd _audit_ _the_ _comments_ and the whole process is pointless.

But you're right - what we're really talking about is checks and
balances. And if you just give code there's, well, just code...
I retract my previous comments on this topic!!! :) Where's the "undo"
button?!

mjr.
---
Marcus J. Ranum                         http://www.ranum.com
Computer and Communications Security    mjr () ranum com

_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

