Salut, Maurice Volaski, On Fri, 4 Jul 2008 13:00:14 -0400, Maurice Volaski wrote: > IMHO, you have it backwards. It is the improper error messages that > can pose a security risk. If my OpenSSH program is either > misconfigured or malfunctiong, and it may be exposing my systems to > something nefarious, then how am I to efficiently debug it and get to > the bottom of that if I have to contend with its throwing roadblocks > in my face?
If you followed the history of security problems of the non-portable
OpenSSH/OpenSSL series of the past few years, you will notice that a
lot of the problems unleashed were actual oracles and not typical
programming errors like buffer overflows or the likes, but a lot of
timing attacks or similar information disclosure vulnerabilities.
In some case adding what people are looking for would make for a
perfect oracle (e.g. "The key hash was invalid!" or other reasons why a
cryptographic operation failed), or in some cases the developers simply
got too much used to this non-disclosing programming style.
Either way it's not really easy to find the correct balance.
> This is not nuance by any means. It's just poor programming practice.
I disagree.
Tonnerre
--
SyGroup GmbH
Tonnerre Lombard
Solutions Systematiques
Tel:+41 61 333 80 33 Güterstrasse 86
Fax:+41 61 383 14 67 4053 Basel
Web:www.sygroup.ch [EMAIL PROTECTED]
signature.asc
Description: PGP signature
