Bell Labs or Microsoft security?

• Previous message (by thread): Bell Labs or Microsoft security?
• Next message (by thread): Bell Labs or Microsoft security?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

RAS> Date: Wed, 29 Jan 2003 12:36:22 -0500
RAS> From: Richard A Steenbergen


RAS> Note I'm making a distinction between fixing the string
RAS> libraries to handle overflow situations better, and changing
RAS> the entire OS to do array bounds checking. One is good, the
RAS> other is not.

Okay.  I'll buy that.

On a somewhat similar note, it's too bad x86 lacks native support
for diasbling PROT_EXEC.  That wouldn't solve everything, but it
would help.  (I recall a paper on some funky asm-foo to implement
it, but only skimmed it...)

The real definition of layered security:  We needn't worry about
that here, because another layer will take care of it.


Eddy
--
Brotsman & Dreger, Inc. - EverQuick Internet Division
Bandwidth, consulting, e-commerce, hosting, and network building
Phone: +1 (785) 865-5885 Lawrence and [inter]national
Phone: +1 (316) 794-8922 Wichita

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Date: Mon, 21 May 2001 11:23:58 +0000 (GMT)
From: A Trap <blacklist at brics.com>
To: blacklist at brics.com
Subject: Please ignore this portion of my mail signature.

These last few lines are a trap for address-harvesting spambots.
Do NOT send mail to <blacklist at brics.com>, or you are likely to
be blocked.

• Previous message (by thread): Bell Labs or Microsoft security?
• Next message (by thread): Bell Labs or Microsoft security?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]