Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Bell Labs or Microsoft security?

  • From: E.B. Dreger
  • Date: Wed Jan 29 13:06:03 2003

RAS> Date: Wed, 29 Jan 2003 12:36:22 -0500
RAS> From: Richard A Steenbergen


RAS> Note I'm making a distinction between fixing the string
RAS> libraries to handle overflow situations better, and changing
RAS> the entire OS to do array bounds checking. One is good, the
RAS> other is not.

Okay.  I'll buy that.

On a somewhat similar note, it's too bad x86 lacks native support
for diasbling PROT_EXEC.  That wouldn't solve everything, but it
would help.  (I recall a paper on some funky asm-foo to implement
it, but only skimmed it...)

The real definition of layered security:  We needn't worry about
that here, because another layer will take care of it.


Eddy
--
Brotsman & Dreger, Inc. - EverQuick Internet Division
Bandwidth, consulting, e-commerce, hosting, and network building
Phone: +1 (785) 865-5885 Lawrence and [inter]national
Phone: +1 (316) 794-8922 Wichita

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Date: Mon, 21 May 2001 11:23:58 +0000 (GMT)
From: A Trap <blacklist@brics.com>
To: blacklist@brics.com
Subject: Please ignore this portion of my mail signature.

These last few lines are a trap for address-harvesting spambots.
Do NOT send mail to <blacklist@brics.com>, or you are likely to
be blocked.





Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.