nanog mailing list archives
Re: Bell Labs or Microsoft security?
From: Richard A Steenbergen <ras () e-gerbil net>
Date: Wed, 29 Jan 2003 11:16:13 -0500
On Wed, Jan 29, 2003 at 08:50:56AM -0500, Marshall Eubanks wrote:
A world before buffer overflow exploits ? The first (Fortran) programming course I ever took at MIT on the first day of lab they said 1.) If you set an array index to a sufficiently large negative number you would overwrite the operating system and crash the system (requiring a reboot from punched paper tape).
I said exploits, not ways to get outside your proper address space and crash the OS. Any sufficiently powerful language presents an opportunity to do bad things to an ill prepared OS, but the answer isn't to make the language less powerful. Perhaps if we banned C and assembly, and made everyone use perl, we'd be safe. :) -- Richard A Steenbergen <ras () e-gerbil net> http://www.e-gerbil.net/ras GPG Key ID: 0xF8B12CBC (7535 7F59 8204 ED1F CC1C 53AF 4C41 5ECA F8B1 2CBC)
Current thread:
- Re: What could have been done differently?, (continued)
- Re: What could have been done differently? Scott Francis (Jan 29)
- Re: What could have been done differently? just me (Jan 29)
- Re: What could have been done differently? Scott Francis (Jan 29)
- Message not available
- Re: What could have been done differently? Scott Francis (Jan 30)
- Re: What could have been done differently? Scott Francis (Jan 28)
- Re: What could have been done differently? Brian Wallingford (Jan 28)
- Bell Labs or Microsoft security? Sean Donelan (Jan 29)
- Re: Bell Labs or Microsoft security? Richard A Steenbergen (Jan 29)
- Re: Bell Labs or Microsoft security? Marshall Eubanks (Jan 29)
- Re: Bell Labs or Microsoft security? Richard A Steenbergen (Jan 29)
- Re: Bell Labs or Microsoft security? Florian Weimer (Jan 29)