[55493] in North American Network Operators' Group
Re: Bell Labs or Microsoft security?
daemon@ATHENA.MIT.EDU (Florian Weimer)
Wed Jan 29 17:26:42 2003
To: Richard A Steenbergen <ras@e-gerbil.net>
Cc: nanog@merit.edu
From: Florian Weimer <Weimer@CERT.Uni-Stuttgart.DE>
Date: Wed, 29 Jan 2003 23:18:51 +0100
In-Reply-To: <20030129161613.GF78231@overlord.e-gerbil.net> (Richard A
Steenbergen's message of "Wed, 29 Jan 2003 11:16:13 -0500")
Errors-To: owner-nanog-outgoing@merit.edu
Richard A Steenbergen <ras@e-gerbil.net> writes:
> I said exploits, not ways to get outside your proper address space and
> crash the OS. Any sufficiently powerful language presents an opportunity
> to do bad things to an ill prepared OS, but the answer isn't to make the
> language less powerful.
The Burroughs B6700 had trusted compilers.
> Perhaps if we banned C and assembly, and made everyone use perl, we'd be
> safe. :)
The Perl parser itself (written in C ;) seems to have some issues (in
__DIE__ handlers). 8-(
--
Florian Weimer Weimer@CERT.Uni-Stuttgart.DE
University of Stuttgart http://CERT.Uni-Stuttgart.DE/people/fw/
RUS-CERT fax +49-711-685-5898
