WebApp Sec mailing list archives
RE: Secure Coding? Bah!
From: "Taco Fleur" <tacofleur () nella net au>
Date: Fri, 23 Jan 2004 16:55:05 +1000
Any application that depends on something that is not written by the developer itself, i.e. objects, dlls, the parsing engine cannot be 100% secure. I am assuming we are talking about application that are dynamic and not plain static HTML, therefore they always rely on something, the code can be good and secure, but is the parsing engine free of bugs and exploits, is the db secure, can the dll be exploited etc. etc. That's what I reckon anyway, if you see it differently, by all means let me know about it.
How exactly do you allege that no application can ever be 100% secure? You *do* realize that this depends on many factors and applications can indeed be secure (yes, that's right--100%). Protocols, interfaces, and so on can pose security issues that affect any application, but the application itself and how it's coded can be completely secure. Granted, it seems rare that it's the case, but I guarantee it's more than possible to accomplish. -- Tim Greer <chatmaster () charter net>
Current thread:
- Secure Coding? Bah! Mark Curphey (Jan 22)
- Re: Secure Coding? Bah! Adam Tuliper (Jan 22)
- RE: Secure Coding? Bah! Taco Fleur (Jan 22)
- RE: Secure Coding? Bah! Patrick Chavez (Jan 22)
- Re: Secure Coding? Bah! Juridian (Jan 23)
- Re: Secure Coding? Bah! Juridian (Jan 22)
- Re: Secure Coding? Bah! David Wall @ Yozons, Inc. (Jan 22)
- RE: Secure Coding? Bah! Taco Fleur (Jan 22)
- RE: Secure Coding? Bah! Tim Greer (Jan 23)
- RE: Secure Coding? Bah! Taco Fleur (Jan 23)
- RE: Secure Coding? Bah! Tim Greer (Jan 23)
- RE: Secure Coding? Bah! Taco Fleur (Jan 22)
- Re: Secure Coding? Bah! Adam Tuliper (Jan 22)
- <Possible follow-ups>
- Re: Secure Coding? Bah! Chris Kirschke (Jan 22)
- Re: Secure Coding? Bah! Mark Curphey (Jan 22)
- Re: Secure Coding? Bah! Adam Tuliper (Jan 22)
- Re: Secure Coding? Bah! Mark Curphey (Jan 22)
- RE: Secure Coding? Bah! Taco Fleur (Jan 22)
- Re: Secure Coding? Bah! Mark Curphey (Jan 23)
- RE: Secure Coding? Bah! Taco Fleur (Jan 23)