Full Disclosure mailing list archives

Re: And how long have buffer overflows been around?

From: Nick FitzGerald <nick () virus-l demon co uk>
Date: Sat, 28 Feb 2004 13:25:10 +1300

Valdis.Kletnieks () vt edu replied to Glenn_Everhart () bankone com:

The only problem with that theory is that VMS *had* a security design, and
there isn't one in NT.  The only design overlap there is that Microsoft got
some of the VMS design team to come on board for Win/NT.  NT got stuck with
having to be backward-combatable with Win 3.1, and you can fill in the blanks
from there....


Methinks you confuse "design" with "default configuration".

NT 3.1 had a reasonable security design at its core, but an OOTB  
installation produced a security configuration "compatible with 
Win3.x".


Regards,

Nick FitzGerald

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Current thread:

RE: And how long have buffer overflows been around? Tarun Bhushan (Feb 26)
- <Possible follow-ups>
- RE: And how long have buffer overflows been around? Glenn_Everhart (Feb 27)
  - Re: And how long have buffer overflows been around? Valdis . Kletnieks (Feb 27)
    - Re: And how long have buffer overflows been around? Nick FitzGerald (Feb 27)
- RE: And how long have buffer overflows been around? Vincent . Maes (Feb 27)
- RE: And how long have buffer overflows been around? Schmehl, Paul L (Feb 27)
  - Re: And how long have buffer overflows been around? Nexus (Feb 27)