> On another not, > about buffer overruns. > Java does protect us from stupid buffer overruns in our code > BUT NOT in the JVM or Java libraries (which in case of SUNs JDK > is more or less closed source and not reviewable)
True; however: (1) Buffer overflows in underlying netcode and such is much less likely than in any normal C application because the code is to very well tested - any Java application out there is a test case. If there was a serious buffer overflow in the netcode or some internal Java string handling, it would probably have been discovered by now. (2) If there *is* a bufferoverflow, the effect of an overrun is likely to be less predictable and thus more difficult to exploit. -- / Peter Schuller, InfiDyne Technologies HB PGP userID: 0xE9758B7D or 'Peter Schuller <[EMAIL PROTECTED]>' Key retrival: Send an E-Mail to [EMAIL PROTECTED] E-Mail: [EMAIL PROTECTED] Web: http://www.scode.org _______________________________________________ freenet-tech mailing list [EMAIL PROTECTED] http://lists.freenetproject.org/mailman/listinfo/tech
