North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Bell Labs or Microsoft security?

  • From: Richard A Steenbergen
  • Date: Wed Jan 29 11:24:59 2003

On Wed, Jan 29, 2003 at 08:50:56AM -0500, Marshall Eubanks wrote:
> 
> A world before buffer overflow exploits ?
> 
> The first (Fortran) programming course I ever took at MIT on the first 
> day of lab they said
> 
> 1.) If you set an array  index to a sufficiently  large negative number 
> you would overwrite
> the operating system and crash the system (requiring a reboot from 
> punched paper tape).

I said exploits, not ways to get outside your proper address space and 
crash the OS. Any sufficiently powerful language presents an opportunity 
to do bad things to an ill prepared OS, but the answer isn't to make the 
language less powerful.

Perhaps if we banned C and assembly, and made everyone use perl, we'd be 
safe. :)

-- 
Richard A Steenbergen <[email protected]>       http://www.e-gerbil.net/ras
GPG Key ID: 0xF8B12CBC (7535 7F59 8204 ED1F CC1C 53AF 4C41 5ECA F8B1 2CBC)