|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: Bell Labs or Microsoft security?
RAS> Date: Wed, 29 Jan 2003 12:36:22 -0500 RAS> From: Richard A Steenbergen RAS> Note I'm making a distinction between fixing the string RAS> libraries to handle overflow situations better, and changing RAS> the entire OS to do array bounds checking. One is good, the RAS> other is not. Okay. I'll buy that. On a somewhat similar note, it's too bad x86 lacks native support for diasbling PROT_EXEC. That wouldn't solve everything, but it would help. (I recall a paper on some funky asm-foo to implement it, but only skimmed it...) The real definition of layered security: We needn't worry about that here, because another layer will take care of it. Eddy -- Brotsman & Dreger, Inc. - EverQuick Internet Division Bandwidth, consulting, e-commerce, hosting, and network building Phone: +1 (785) 865-5885 Lawrence and [inter]national Phone: +1 (316) 794-8922 Wichita ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Date: Mon, 21 May 2001 11:23:58 +0000 (GMT) From: A Trap <[email protected]> To: [email protected] Subject: Please ignore this portion of my mail signature. These last few lines are a trap for address-harvesting spambots. Do NOT send mail to <[email protected]>, or you are likely to be blocked.
|