On Thursday 09 October 2003 13:50, Dehner, Benjamin T. wrote: > What is interesting in this article is what Balmer does NOT say. > Specifically: > -- code auditing to prevent security problems > -- Q/A testing of software to detect bugs > -- testing of patches to prevent patch interaction and over-write > issues > -- third party security testing
These all seem to me to be reasonable steps for detecting/preventing/removing software implementation flaws, but they don't address design or architectural concerns. That being said, ridding the world of every buffer overflow would be a great thing. But I'm still concerned with design problems. For example, an email program that allows a user to mouse-click on an attachment and run it with all of the privileges of the user has a fundamental design flaw that removing every single buffer overflow and such won't cure. Likewise for architectural flaws. IMHO, developing safe software must be an engineering process that, among other things, includes tests at each phase of the development life cycle. Testing source code is just one component of that. Cheers, Ken van Wyk (Co-author, Secure Coding (O'Reilly, 2003), http://www.securecoding.org) _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
