From: "Bennett, Chip (KTR) ~U" <BennettC@J64.STRATCOM.AF.MIL>
Subject: Should internet support software be written in Ada?
Date: Mon, 6 Mar 1995 13:01:00 PST
Date: 1995-03-06T13:01:00-08:00 [thread overview]
Message-ID: <2F5B780E@SMTPGATE2.STRATCOM.AF.MIL> (raw)
I just read an interesting article in Federal Computer Week. The article,
titled "Energy group uncovers hole in Web software" is rather old (Feb 20),
so if this ground has already been covered, I apologize for rehashing it.
The article points out that the NCSA's httpd version 1.3 has a flaw where a
hacker might be able to overflow internal buffers and gain root access.
Point 1: Didn't we already go through this several years back with a UNIX
mail server that had a similar problem? Any history buffs remember that
one?
Point 2: I going to make a huge leap here and assume that httpd is written
in C. I'd bet that if the software had been written in a constraint
checking language like Ada, the problem would not have occurred. Comments?
Chip Bennett
next reply other threads:[~1995-03-06 21:01 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
1995-03-06 21:01 Bennett, Chip (KTR) ~U [this message]
1995-03-07 2:35 ` Should internet support software be written in Ada? Vladimir Vukicevic
-- strict thread matches above, loose matches on Subject: below --
1995-03-17 0:24 Bill Brooks
1995-03-17 8:47 ` Anthony Shipman
1995-03-19 22:06 ` David Weller
1995-03-23 15:05 ` Theodore Dennison
1995-03-24 10:26 ` Fred J. McCall
1995-03-27 9:50 ` Robb Nebbe
1995-03-27 14:24 ` Theodore Dennison
1995-03-28 0:00 ` Robert Dewar
1995-03-28 9:32 ` Fred J. McCall
1995-03-29 0:00 ` Theodore Dennison
1995-03-29 0:00 ` Robert I. Eachus
1995-03-31 0:00 ` Theodore Dennison
1995-04-05 0:00 ` Wes Groleau
1995-03-22 23:08 ` Keith Thompson
replies disabled
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox