Date: Fri, 14 Aug 1998 12:20:25 -0600 From: Brett Glass <brett@lariat.org> To: Joseph Stein <joes@shasta.wstein.com> Cc: mike@smith.net.au, hackers@FreeBSD.ORG Subject: Re: 64-bit time_t Message-ID: <199808141820.MAA25200@lariat.lariat.org> In-Reply-To: <199808141746.KAA20357@shasta.wstein.com> References: <199808141733.LAA24664@lariat.lariat.org>
next in thread | previous in thread | raw e-mail | index | archive | help
At 10:46 AM 8/14/98 -0700, Joseph Stein wrote: >There is no such thing as a "safe" tool. You can write code in assembly >language and still end up with security holes. Of course. Assembly language has even fewer safeguards against shooting oneself in the foot, though in many cases it's easy to spot and prevent problems than it is in C. >Until someone writes a >compiler (for *any* compiled language) that will test for every possible >conceivable security holes (volunteers needed...) there will be security >holes in *every* application -- that can be fixed when found, using, the >"unsafe" tool that was used to create it. This argument (which, again, is often used to justify doing nothing) is analogous to saying, "If it's not absolutely impossible to kill myself in a car under any conditions, there's no point in requiring it to have any basic safety features such as seat belts." My personal opinion is that we, as software professionals, should take a more professional attitude about this. --Brett To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199808141820.MAA25200>