Richard, Im glad you asked this but I didn't want to scare the community... ;)
Buffer overflow only affect cpu register handling. Macs have data and execution (scripts ;) register in their cpus while PCs have a mixed register where the malicious calls can be "faked"... Data becomes "script" and voila - compromized! Macs are inmune more or less. And i guess pc makers are trying to fix that too... I wouldn't be concerned with them as much as securing a transaction protocol before doing any net negotiation... Or making a secure registration protocol for securing your software. Etc, etc... Beware there's a zillion more security holes worse than those. I know a lot in Rev but hell im gonna tell ya! Just today, we just got some free tickets to a race in zolder.be through a stupid web-form where you could add your name to print the ticket in the url ;)) Just an example... So regarding, a past mail against Tuv's RSA examples, the best security is through education, nothing more. I have a pc, web server, mysql, and i've been able to plug in each hole and rarely, rarely get a virus (2 in 4 years without damage) - spywares took me by surprise once... and that will go even through Chipp's ieexplorer plugin - left by default open by the software maker again? OK, i didn't know it, it's patched now... No big deal. But Thanks to backups and "reasonable" usage, there's no danger!!! If you want real security buy it or learn it... Only took 20 rules to rule out most of my spam! Things like that, just take the users ingenuity, nothing more... there's no substitute for education Xav http://monsieurx.com > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of > Richard Gaskin > Sent: Friday, April 22, 2005 18:36 > To: How to use Revolution > Subject: Rev as server immune to buffer overflow? > > I vaguely recall someone quoting Scott Raney as saying that > buffer overflow issues aren't a concern when building any > socket apps with the engine. > > Do I recall correctly? Any of you have more background on that? > > -- > Richard Gaskin > Fourth World Media Corporation > __________________________________________________ > Rev tools and more: http://www.fourthworld.com/rev > _______________________________________________ > use-revolution mailing list > [email protected] > http://lists.runrev.com/mailman/listinfo/use-revolution > _______________________________________________ use-revolution mailing list [email protected] http://lists.runrev.com/mailman/listinfo/use-revolution
