[17089] in cryptography@c2.net mail archive
Re: Security is the bits you disable before you ship
daemon@ATHENA.MIT.EDU (Florian Weimer)
Sun Mar 20 12:01:43 2005
X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
From: Florian Weimer <fw@deneb.enyo.de>
To: pgut001@cs.auckland.ac.nz (Peter Gutmann)
Cc: cryptography@metzdowd.com
Date: Tue, 15 Mar 2005 21:36:22 +0100
In-Reply-To: <E1DB5Cr-0003GP-00@medusa01.cs.auckland.ac.nz> (Peter Gutmann's
message of "Tue, 15 Mar 2005 19:07:05 +1300")
* Peter Gutmann quotes CNET:
> GCC 4.0 also introduces a security feature called Mudflap, [...]
> So you have an interesting definition of a security feature as "the
> bit you disable before the product goes into the environment where
> it'll be subject to attack".
Actually, mudflap is not a security feature (and I'd be surprised if
Mark claimed it was). It's a debugging tool, not a silver bullet.
mudflap simply wasn't designed to stop buffer overflow exploits (or to
make them at least somewhat harder), but to find memory management
bugs.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
