[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <1067432291.716.13.camel@hellfire>
From: pz at psychozapp.de (Sebastian Herbst)
Subject: Coding securely, was Linux (in)security
> Duh. That's a complete misunderstanding of the halting problem - which
> is, in essence, that you can't write a program which can predict, in
> general, whether another program will halt. Its perfectly possible to
> write programs that are guaranteed to halt.
The statement was: "There is no programming language that prevents you
from writing insecure code". And that is true, as long as "insecure
code" means vulnerability to DoS. IMHO that would be "incorrect" not
"insecure" code, since an attacker is not able to get sensible data, or
additional rights("shutting down" the service is public right because of
incorrect code). Btw (almost) every programming language gives the
versatile programmer the possibility to write proof-able correct and
secure programs.
--
/~\ The ASCII Sebastian Herbst
\ / Ribbon Campaign pz@...chozapp.de
X Against HTML
/ \ Email! D90E 548A F4F9 5C1E 67E5 06A7 C426 3827 1568 206D
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20031029/9b51ebc0/attachment.bin
Powered by blists - more mailing lists