[3337] in bugtraq
Re: Pine security problem
daemon@ATHENA.MIT.EDU (Vince L. Reed)
Wed Sep 11 00:16:32 1996
Date: Tue, 10 Sep 1996 23:52:06 -0400
Reply-To: "Vince L. Reed" <vreed@MITRE.ORG>
From: "Vince L. Reed" <vreed@mail03.mitre.org>
To: Multiple recipients of list BUGTRAQ <BUGTRAQ@netspace.org>
>What about using random file names and checking if those exist? The current
>fix for the mail lock file seems like the work of a lazy programmer.
Liam,
Seeing your comment, started me thinking that there are a lot of programming
techniques that one can use on UNIX platforms that would qualify as lazy
programming. So, I began to wonder if someone has documented a set of
security oriented coding standards for say C or any other HOL on UNIX
platforms. If anyone knows of such a document, please send me a response.
If I get anything substantive, I'll post it back to the list.
Vince Reed, CISSP (Mail Stop ALAB)
Senior Systems Security Engineer
The MITRE Corp., Secure Information Technology Dept.
1500 Perimeter Pkwy., Suite 310, Huntsville, AL 35806-3578
Phone: +1.205.890.3323, FAX: +1.205.830.2608
