At 8:47 AM -0700 8/27/09, Benjamin Tomhave wrote:
Should any sort of overflow really be allowed?
It is not, except by management decision (in choosing an unsafe
language).
--
Larry Kilgallen
___
Secure Coding mailing list (SC-L)
To be sure, inherently secure code is a misnomer. However, that being
said, my original contention was that certain common vulnerabilities
should be automatically managed these days rather than relying on
explicit code to catch them. Should any sort of overflow really be
allowed? I have to believe
I am not sure I agree that this is any more achievable than claiming a
bank building should allow all valid customers in, but keep out all
thieves. While we can and should make great strides, we will always
have some exposure because we have to let some things through. The
only way we