On Mon, 18 Nov 2002 14:59, you wrote: > I think I should point out that that link was posted to me by one of my > bosses (3 notches up the hierarchy)
I reckon that the ovine creature 3 rungs up should be told that the '86 architecture is intrinsically insecure no matter what o/s is on it. Its power has outgrown its design. '86 was fine until people started to use it on networks when its innate lack of the hardware needed to support secure computing environments caused all the current problems. The two main failures of '86 allow you, as an un-privilidged user, to: Write program instructions into the data areas of a process and then to execute them from within a program; Write outside lthe data area which the o/s has allocated to you; These are the two '86 design faults which allow stack-smashing by buffer overflow etc.. It's all a big plot to keep the virus industry fat and healthy. "Grown-up" computer hardware supporting a similarly "grown-up" o/s doesn't allow that sort of nonsense. -- Sincerely etc., Christopher Sawtell
