Secure Coding mailing list archives

RE: Security Standard Branding & Expectation Checklists

From: ljknews <ljknews () mac com>
Date: Sat, 10 Jan 2004 17:55:57 +0000

At 10:02 PM +0000 1/9/04, David Crocker wrote:

Although total security assurance is a hard problem, some sorts of security
assurance (e.g. freedom from buffer overflow vulnerabilities) are easy and
inexpensive to achieve, if the right development approach is taken and they are
goals from the start.


If the right _language_choice_ is made, buffer overflows cannot cause
execution of attacker-provided code.

Current thread:

Security Standard Branding & Expectation Checklists Jared W. Robinson (Jan 07)
- Re: Security Standard Branding & Expectation Checklists Brett Hutley (Jan 08)
- Re: Security Standard Branding & Expectation Checklists Crispin Cowan (Jan 08)
  - Re: Security Standard Branding & Expectation Checklists Jared W. Robinson (Jan 08)
    - Re: Security Standard Branding & Expectation Checklists Crispin Cowan (Jan 09)
    - RE: Security Standard Branding & Expectation Checklists David Crocker (Jan 10)
    - RE: Security Standard Branding & Expectation Checklists ljknews (Jan 10)
    - Re: Security Standard Branding & Expectation Checklists Jeff Williams @ Aspect (Jan 11)
  - RE: Security Standard Branding & Expectation Checklists David Crocker (Jan 10)