nevermind the fact that a "good" program in your list may contain as yet unknown vulnerabilities which mean it's actually bad. On Sep 19, 2010 7:08 PM, "Georgi Guninski" <[email protected]> wrote: > On Sun, Sep 19, 2010 at 06:21:35PM +0200, Pavel Kankovsky wrote: >> On the other hand, It is possible to "detect all bad programs" if it is >> allowed to err on the safe side and mistake some good programs for bad >> programs. An extreme example is to call all programs bad unless their >> exact code appears on the list of known good programs. >> > > > i doubt this can be remotely implemented in practice because of dynamic code like |eval| and mobile code. > > can |code| be realistically distinguished from |data| for current OSes > (e.g. is a vim modeline *only a* plain string or a string + program) ? > > > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
