Bugtraq mailing list archives
Re: Buffer Overflows: A Summary
From: perry () piermont com (Perry E. Metzger)
Date: Wed, 30 Apr 1997 12:34:37 -0400
Aleph One writes:
Again the thing to do is fix the offending code. The OpenBSD project and some other teams have done a great job in this area. They have systematically gone through their code base looking for possible vulnerabilities. Not only have they fixed dozens of possible holes, at the same time they have made their software more reliable. Reliability and security go hand in hand.
NetBSD has been doing more or less the same thing. We are currently working on eliminating as many SUID programs as possible, replacing them with solutions that if possible require fewer SUID executables on a machine. Less trusted code means less code which could go wrong which means more reliability.

Perry