lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
From: full-disclosure at royds.net (Bill Royds)
Subject: [inbox] Re: RE: Linux (in)security

Actually most of VMS was written in a programming language called BLISS-32
which was designed to write an OS.

An unusual thing about BLISS was that it defined variables as the address
and one had to explicitly dereference the name to get the value of a
variable ( a little like the $ in front of Perl variables).
It was quite explicit in BLISS code as to whether one was looking at the
variable or its contents or its attrtibutes, forcing Bliss coders to much
more aware of possible alias problems and overflow problems.

The result of BLISS was VAX assembler code rather than raw machine code,
which is why the port to Alpha went  the way it did.  Bliss fell out of
favour at DEC becuase it required programmers to learn a new style of coding
from C so the Alpha code used more C than Bliss.

----- Original Message ----- 
From: "Bruce Ediger" <eballen1@...st.net>
To: <full-disclosure@...ts.netsys.com>
Sent: Sunday, October 26, 2003 11:56 PM
Subject: Re: [inbox] Re: [Full-Disclosure] RE: Linux (in)security


> On Sun, 26 Oct 2003, Bill Royds wrote:
>
> > You are saying that a language that requires every programmer to check
for
> > security problems on every statement of every program is just as secure
as
> > one that enforces proper security as an inherent part of its syntax?
> >     And I suppose that you also believe in the tooth fairy.
>
> Well, no, but I don't believe your theory either.  VMS usually gets
> held up as an example of an OS without significant security problems.
>
> Sorry to tell you, but DEC wrote VMS mainly in VAX-11 assembler.
> The Alpha-CPU port of VMS involved writing a VAX-11 assember compiler,
> and compiling the VAX assembly code to Alpha object code.
>
> VAX-11 assembler, although nifty in a macro sort of way, and orthogonal
> to the point of distraction, had exactly none of the features you claim
> help secure an OS.
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ