full-disclosure - Coding securely, was Linux (in)security

lists.openwall.net		lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC
Open Source and information security mailing list archives

Hash Suite: Windows password security audit tool. GUI, reports in PDF.

[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]

From: greg-fulldisclosure-2003 at nest.cx (Gregory Steuck)
Subject: Coding securely, was Linux (in)security

>>>>> "Valdis" == Valdis Kletnieks <Valdis.Kletnieks@...edu> writes:

    Valdis> All programming languages that are Turing-complete
    Valdis> (basically, anything that has a conditional loop) are prone
    Valdis> to the Turing Halting Problem.

    Valdis> In other words, you can't prevent DoS-via-infinite-loop
    Valdis> based on input.

You still can manage the problem by imposing CPU limits. This is what
multiuser systems have been doing for decades with varying degrees of
success.