at FOSDEM, we discussed how I might help to improve free Java's security. It seems to me that, for the edifice to be secure, the native layer's security is absolutely essential. I scanned the native directory with RATS (Rough Auditing Tool for Security - http://securesoftware.com) and found a few potential vulnerabilities, e.g. regarding the use of strcpy, fprintf, getenv and sprintf. Is this worth investigating further, or has it been covered?
kr, Yo -- Johan Peeters bvba software architecture services tel:+32 16 64900 http://www.johanpeeters.com _______________________________________________ Classpath mailing list [EMAIL PROTECTED] http://mail.gnu.org/mailman/listinfo/classpath
