Secure Coding mailing list archives
Theoretical question about vulnerabilities
From: Pascal Meunier <pmeunier () cerias purdue edu>
Date: Sun, 10 Apr 2005 22:00:23 +0100
Do you think it is possible to enumerate all the ways all vulnerabilities can be created? Is the set of all possible exploitable programming mistakes bounded? I would think that what makes it possible to talk about design patterns and attack patterns is that they reflect intentional actions towards "desirable" (for the perpetrator) goals, and the set of desirable goals is bounded at any given time (assuming infinite time then perhaps it is not bounded). However, once commonly repeated mistakes have been described and taken into account, I have a feeling that attempting to enumerate all other possible mistakes (leading to exploitable vulnerabilities), for example with the goal of producing a complete taxonomy, classification and theory of vulnerabilities, is not possible. All we can hope is to come reasonably close and produce something useful, but not theoretically strong and closed. This should have consequences for source code vulnerability analysis software. It should make it impossible to write software that detects all of the mistakes themselves. Is it enough to look for violations of some invariants (rules) without knowing how they happened? Any thoughts on this? Any references to relevant theories of failures and errors, or to explorations of this or similar ideas, would be welcome. Of course, Albert Einstein's quote on the difference between genius and stupidity comes to mind :). Thanks, Pascal Meunier
Current thread:
- Theoretical question about vulnerabilities Pascal Meunier (Apr 10)
- Re: Theoretical question about vulnerabilities Crispin Cowan (Apr 10)
- RE: Theoretical question about vulnerabilities David Crocker (Apr 11)
- Re: Theoretical question about vulnerabilities Crispin Cowan (Apr 12)
- Re: Theoretical question about vulnerabilities der Mouse (Apr 12)
- RE: Theoretical question about vulnerabilities David Crocker (Apr 12)
- Re: Theoretical question about vulnerabilities der Mouse (Apr 12)
- RE: Theoretical question about vulnerabilities David Crocker (Apr 13)
- Re: Theoretical question about vulnerabilities Crispin Cowan (Apr 13)
- RE: Theoretical question about vulnerabilities David Crocker (Apr 14)
- Re: Theoretical question about vulnerabilities Crispin Cowan (Apr 15)