From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me X-Spam-Level: X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00 autolearn=ham autolearn_force=no version=3.4.4 X-Google-Language: ENGLISH,ASCII-7-bit X-Google-Thread: 103376,da46977c58c329df X-Google-Attributes: gid103376,public X-Google-ArrivalTime: 2002-02-06 17:44:51 PST Path: archiver1.google.com!news1.google.com!newsfeed.stanford.edu!logbridge.uoregon.edu!arclight.uoregon.edu!enews.sgi.com!harbinger.cc.monash.edu.au!news.uwa.edu.au!philip From: Philip Cummins Newsgroups: comp.lang.ada Subject: Re: Ada's Slide To Oblivion ... Date: Thu, 07 Feb 2002 09:44:40 +0800 Organization: The University of Western Australia Message-ID: <070220020944405895%philip@no-spam.cs.uwa.edu.au> References: <4519e058.0201310714.650888e1@posting.google.com> <3C598CAA.7040801@home.com> <3C59FCD3.928144FB@adaworks.com> <7v8za79id0.fsf@vlinux.voxelvision.no> Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 8bit X-Trace: enyo.uwa.edu.au 1013046287 15120 130.95.1.151 (7 Feb 2002 01:44:47 GMT) X-Complaints-To: usenet@news.uwa.edu.au User-Agent: YA-NewsWatcher/5.0.1 Xref: archiver1.google.com comp.lang.ada:19687 Date: 2002-02-07T09:44:40+08:00 List-Id: Hello, > On many architectures, then, C prevents the OS from using available memory > protection mechanisms to prevent buffer overrun exploitation, whereas most > other programming languages do not. In this way, C is a security liability. > C++ generally has the same fault. Well, I'd say it's more the fault of the OS rather than C (not that I like C that much). If people were serious about killing off buffer overflow attacks they'd implement OS allocated buffers with guard pages to fix the problem and make it impossible to use a stack as a buffer. PC