Bell Labs or Microsoft security?
E.B. Dreger
eddy+public+spam at noc.everquick.net
Wed Jan 29 18:00:30 UTC 2003
RAS> Date: Wed, 29 Jan 2003 12:36:22 -0500
RAS> From: Richard A Steenbergen
RAS> Note I'm making a distinction between fixing the string
RAS> libraries to handle overflow situations better, and changing
RAS> the entire OS to do array bounds checking. One is good, the
RAS> other is not.
Okay. I'll buy that.
On a somewhat similar note, it's too bad x86 lacks native support
for diasbling PROT_EXEC. That wouldn't solve everything, but it
would help. (I recall a paper on some funky asm-foo to implement
it, but only skimmed it...)
The real definition of layered security: We needn't worry about
that here, because another layer will take care of it.
Eddy
--
Brotsman & Dreger, Inc. - EverQuick Internet Division
Bandwidth, consulting, e-commerce, hosting, and network building
Phone: +1 (785) 865-5885 Lawrence and [inter]national
Phone: +1 (316) 794-8922 Wichita
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Date: Mon, 21 May 2001 11:23:58 +0000 (GMT)
From: A Trap <blacklist at brics.com>
To: blacklist at brics.com
Subject: Please ignore this portion of my mail signature.
These last few lines are a trap for address-harvesting spambots.
Do NOT send mail to <blacklist at brics.com>, or you are likely to
be blocked.
More information about the NANOG
mailing list