Date:      Thu, 8 Nov 2001 00:35:43 -0800
From:      "Ted Mittelstaedt" <tedm@toybox.placo.com>
To:        "Anthony Atkielski" <anthony@atkielski.com>, "Andrew C. Hornback" <achornback@worldnet.att.net>, "FreeBSD Questions" <freebsd-questions@FreeBSD.ORG>
Subject:   RE: Lockdown of FreeBSD machine directly on Net
Message-ID:  <005001c16830$5af4dc00$1401a8c0@tedm.placo.com>
In-Reply-To: <004001c1682e$6db1d5c0$0a00000a@atkielski.com>

>-----Original Message-----
>From: owner-freebsd-questions@FreeBSD.ORG
>[mailto:owner-freebsd-questions@FreeBSD.ORG]On Behalf Of Anthony
>Atkielski
>Sent: Thursday, November 08, 2001 12:22 AM
>To: Andrew C. Hornback; FreeBSD Questions
>Subject: Re: Lockdown of FreeBSD machine directly on Net
>
>I'm saying that either it will succeed, or it won't, but this will not change
>over the lifetime of the product.  A hole that is not originally present in
>the code will not magically appear at some later date.

Not necessarily, because a lot of UNIX programs use shared libraries.  The
code for the specific UNIX app may not change but if the library code does
it can create a hole that didn't exist before.  For example an early version
of the library that has docs that are silent on the issue of bounds checking,
may indeed do bounds checking on parameters passed to a function
but this may be found to cause problems so later on it's removed.  The
original application developer knew about the bounds checking so didn't
include it in his application, so when the app was built it had no hole.
Later on the library code is changed, creating a hole in the application.

This is especially common on ports.  There are lots of apps that have been
ported to FreeBSD that the port maintainer discovered bugs in the memory
handling, these bugs didn't exist on other platforms because those platforms'
compilers correct freeing problems silently, behind the scenes.


Ted Mittelstaedt                                       tedm@toybox.placo.com
Author of:                           The FreeBSD Corporate Networker's Guide
Book website:                          http://www.freebsd-corp-net-guide.com
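
An added example, not part of the original message: a small C model of the shared-library scenario described above, where unchanged application code becomes unsafe once a library drops an undocumented bounds check. The library functions, record layout and input are hypothetical and constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

#define NAME_LEN 8
/* Constructed record: bytes[0..7] is the name field, bytes[8..15] stands in
   for whatever data sits next to it in memory. */
struct rec { unsigned char bytes[2 * NAME_LEN]; };

/* Hypothetical library, early release: clamps silently, docs do not say so. */
static void lib_set_name_v1(struct rec *r, const char *src, size_t n) {
    if (n > NAME_LEN) n = NAME_LEN;
    memcpy(r->bytes, src, n);
}

/* Same call after a library update: the field-size clamp is gone. */
static void lib_set_name_v2(struct rec *r, const char *src, size_t n) {
    if (n > sizeof r->bytes) n = sizeof r->bytes; /* keeps this demo in bounds */
    memcpy(r->bytes, src, n);
}

typedef void (*set_name_fn)(struct rec *, const char *, size_t);

/* Unchanged application code: no length check of its own.
   Returns 1 if the data next to the name field was overwritten, else 0. */
static int app_store(set_name_fn lib, const char *in, size_t n) {
    struct rec r;
    memset(r.bytes, 0, NAME_LEN);
    memset(r.bytes + NAME_LEN, 0xAA, NAME_LEN);
    lib(&r, in, n);
    for (size_t i = NAME_LEN; i < sizeof r.bytes; i++)
        if (r.bytes[i] != 0xAA) return 1;
    return 0;
}

/* Application that enforces the bound itself: rejects oversized input (-1)
   whichever library release is loaded. */
static int app_store_checked(set_name_fn lib, const char *in, size_t n) {
    if (n > NAME_LEN) return -1;
    return app_store(lib, in, n);
}

int main(void) {
    const char in[] = "AAAAAAAAAAAA"; /* constructed 12-byte input */
    size_t n = sizeof in - 1;
    printf("v1 library, unchecked app: %d\n", app_store(lib_set_name_v1, in, n));
    printf("v2 library, unchecked app: %d\n", app_store(lib_set_name_v2, in, n));
    printf("v2 library, checked app:   %d\n", app_store_checked(lib_set_name_v2, in, n));
    return 0;
}
```

The same application binary gives a different result depending only on which library release is loaded; validating the length in the application removes the dependency on undocumented library behaviour.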


