Full Disclosure mailing list archives
Re: [inbox] Re: RE: Linux (in)security
From: "Bill Royds" <full-disclosure () royds net>
Date: Mon, 27 Oct 2003 08:20:16 -0500
Actually most of VMS was written in a programming language called BLISS-32 which was designed to write an OS. An unusual thing about BLISS was that it defined variables as the address and one had to explicitly dereference the name to get the value of a variable ( a little like the $ in front of Perl variables). It was quite explicit in BLISS code as to whether one was looking at the variable or its contents or its attrtibutes, forcing Bliss coders to much more aware of possible alias problems and overflow problems. The result of BLISS was VAX assembler code rather than raw machine code, which is why the port to Alpha went the way it did. Bliss fell out of favour at DEC becuase it required programmers to learn a new style of coding from C so the Alpha code used more C than Bliss. ----- Original Message ----- From: "Bruce Ediger" <eballen1 () qwest net> To: <full-disclosure () lists netsys com> Sent: Sunday, October 26, 2003 11:56 PM Subject: Re: [inbox] Re: [Full-disclosure] RE: Linux (in)security
On Sun, 26 Oct 2003, Bill Royds wrote:You are saying that a language that requires every programmer to check
for
security problems on every statement of every program is just as secure
as
one that enforces proper security as an inherent part of its syntax? And I suppose that you also believe in the tooth fairy.Well, no, but I don't believe your theory either. VMS usually gets held up as an example of an OS without significant security problems. Sorry to tell you, but DEC wrote VMS mainly in VAX-11 assembler. The Alpha-CPU port of VMS involved writing a VAX-11 assember compiler, and compiling the VAX assembly code to Alpha object code. VAX-11 assembler, although nifty in a macro sort of way, and orthogonal to the point of distraction, had exactly none of the features you claim help secure an OS. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Re: [inbox] Re: RE: Linux (in)security, (continued)
- Re: [inbox] Re: RE: Linux (in)security Ted Unangst (Oct 26)
- Re: [inbox] Re: RE: Linux (in)security Brett Hutley (Oct 26)
- Coding securely, was Linux (in)security Paul Schmehl (Oct 26)
- Re: Coding securely, was Linux (in)security coderman (Oct 26)
- Re: Coding securely, was Linux (in)security Brett Hutley (Oct 26)
- Re: Coding securely, was Linux (in)security Valdis . Kletnieks (Oct 26)
- Re: Coding securely, was Linux (in)security Brett Hutley (Oct 26)
- Re: [inbox] Re: RE: Linux (in)security Bill Royds (Oct 26)
- Re: [inbox] Re: RE: Linux (in)security Bruce Ediger (Oct 26)
- Re: [inbox] Re: RE: Linux (in)security Stormwalker (Oct 27)
- Re: [inbox] Re: RE: Linux (in)security Bill Royds (Oct 27)
- Re: [inbox] Re: RE: Linux (in)security Bruce Ediger (Oct 27)
- Message not available
- Coding securely, was Linux (in)security Paul Schmehl (Oct 26)
- RE: Coding securely, was Linux (in)security Chris Eagle (Oct 26)
- Re: Coding securely, was Linux (in)security Brett Hutley (Oct 26)
- RE: Coding securely, was Linux (in)security Chris Eagle (Oct 26)
- Re: Coding securely, was Linux (in)security Brett Hutley (Oct 26)
- Off topic programming thread Mortis (Oct 26)
- Re: Off topic programming thread Bill Weiss (Oct 27)
- Re: Off topic programming thread Chris Smith (Oct 27)
- RE: Coding securely, was Linux (in)security Paul Schmehl (Oct 26)