Full Disclosure mailing list archives

Re: Coding securely, was Linux (in)security

From: Sebastian Herbst <pz () psychozapp de>
Date: Wed, 29 Oct 2003 13:58:11 +0100

Duh. That's a complete misunderstanding of the halting problem - which
is, in essence, that you can't write a program which can predict, in
general, whether another program will halt. Its perfectly possible to
write programs that are guaranteed to halt.


The statement was: "There is no programming language that prevents you
from writing insecure code". And that is true, as long as "insecure
code" means vulnerability to DoS. IMHO that would be "incorrect" not
"insecure" code, since an attacker is not able to get sensible data, or
additional rights("shutting down" the service is public right because of
incorrect code). Btw (almost) every programming language gives the
versatile programmer the possibility to write proof-able correct and
secure programs. 

-- 
/~\ The ASCII                         Sebastian Herbst
\ / Ribbon Campaign                   pz () psychozapp de  
 X  Against HTML
/ \ Email!           D90E 548A F4F9 5C1E 67E5  06A7 C426 3827 1568 206D

Attachment: signature.asc
Description: This is a digitally signed message part

Current thread:

Re: Coding securely, was Linux (in)security, (continued)
- - - Re: Coding securely, was Linux (in)security Bill Royds (Oct 26)
    - Re: Coding securely, was Linux (in)security Valdis . Kletnieks (Oct 26)
    - Re: Coding securely, was Linux (in)security Brett Hutley (Oct 26)
    - RE: Coding securely, was Linux (in)security Chris Eagle (Oct 26)
    - RE: Coding securely, was Linux (in)security Steve Wray (Oct 27)
    - Re: Coding securely, was Linux (in)security Gregory A. Gilliss (Oct 27)
    - Re: Coding securely, was Linux (in)security Valdis . Kletnieks (Oct 28)
    - Re: Coding securely, was Linux (in)security Gregory Steuck (Oct 28)
    - Re: Coding securely, was Linux (in)security Valdis . Kletnieks (Oct 29)
    - Re: Coding securely, was Linux (in)security Ben Laurie (Oct 29)
    - Re: Coding securely, was Linux (in)security Sebastian Herbst (Oct 29)
    - Re: Coding securely, was Linux (in)security Valdis . Kletnieks (Oct 29)
    - Re: Coding securely, was Linux (in)security Sebastian Herbst (Oct 29)
    - Re: Coding securely, was Linux (in)security Bill Royds (Oct 29)
    - RE: Coding securely, was Linux (in)security Steve Wray (Oct 29)
    - Re: Coding securely, was Linux (in)security Brett Hutley (Oct 29)
    - Re: Coding securely, was Linux (in)security VeNoMouS (Oct 29)
    - Re: Coding securely, was Linux (in)security Valdis . Kletnieks (Oct 29)
    - Re: Coding securely, was Linux (in)security Ben Laurie (Oct 30)
    - Re: Coding securely, was Linux (in)security Bill Royds (Oct 29)
- RE: [inbox] Re: RE: Linux (in)security dhtml (Oct 24)

(Thread continues...)