North American Network Operators Group|
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Re: Bell Labs or Microsoft security?
- From: E.B. Dreger
- Date: Wed Jan 29 13:06:03 2003
RAS> Date: Wed, 29 Jan 2003 12:36:22 -0500
RAS> From: Richard A Steenbergen
RAS> Note I'm making a distinction between fixing the string
RAS> libraries to handle overflow situations better, and changing
RAS> the entire OS to do array bounds checking. One is good, the
RAS> other is not.
Okay. I'll buy that.
On a somewhat similar note, it's too bad x86 lacks native support
for diasbling PROT_EXEC. That wouldn't solve everything, but it
would help. (I recall a paper on some funky asm-foo to implement
it, but only skimmed it...)
The real definition of layered security: We needn't worry about
that here, because another layer will take care of it.
Brotsman & Dreger, Inc. - EverQuick Internet Division
Bandwidth, consulting, e-commerce, hosting, and network building
Phone: +1 (785) 865-5885 Lawrence and [inter]national
Phone: +1 (316) 794-8922 Wichita
Date: Mon, 21 May 2001 11:23:58 +0000 (GMT)
From: A Trap <email@example.com>
Subject: Please ignore this portion of my mail signature.
These last few lines are a trap for address-harvesting spambots.
Do NOT send mail to <firstname.lastname@example.org>, or you are likely to