Secure Coding mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Re: DJB's students release 44 poorly-worded, overblown advisories

From: ljknews <ljknews () mac com>
Date: Wed, 22 Dec 2004 16:05:28 +0000
At 11:54 PM -0800 12/21/04, Crispin Cowan wrote:

ljknews wrote:


On most important systems there is no need for the users to be able
to provide executable which they then run.  Executables are provided
by the system manager.
 

While I am sympathetic to this point of view, it is no longer relevant
to the modern context, where many data formats end up being executable,
e.g. Office documents with executable macros in them.


Executable data formats have proven impossible to secure,
starting with the defect IBM introduced into CMS allowing
text formatters run in response to email documents and thus
make system calls.  The fact that Microsoft would copy this
security hole into Word 6 certainly indicates they are not
able to learn from mistakes made by others - they must reinvent
the same mistakes.  IBM withdrew their error.


Securing a MAC system in which the users are hog-tied is easy. The trick
is to provide reasonable security *and* reasonable usability.


There ain't no such thing as a free beer.
-- 
Larry Kilgallen
Previous By Date Next
Previous By Thread Next

Current thread: