From: Jeff Carter <carter@innocon.com>
Subject: Re: packages and private parts
Date: 1997/02/10
Message-ID: <32FF4D8D.167EB0E7@innocon.com>
In-Reply-To: dewar.855326480@merv
Robert Dewar wrote:
> As for the "destroying safety and robustness issue", I think this is
> totally bogus.
>
> The safety and robustness of a system depends on the integrity of
> the sources. If anyone can go changing sources then of course any
> guarantees on private part integrity are destroyed, and furthermore
> the user of the package has potentially no knowledge that it has
> been destroyed in this way. Clearly this is something that CM
> systems must protect against.
Except, of course, that anyone can write a child without changing
sources, but with the same effect. Putting the sources under CM doesn't
prevent this.
> Child packages are much safer. If you have a set of packages from
> a "great designer", and want to use them, then use them, do NOT
> use any suspicious non-official children! Remember that a program
> is only affected by the presence of child packages if it directly
> or indirectly with's these children.
How do you know which children are official and which are not? How do
you know whether a programmer has written and used an unauthorized child
that is not known to the rest of the system?
> Remember also that the integrity of private parts is always
> attackable using unchecked conversion. You expect to be able to
> defend against this with rules that limit the use of UC, so put
> into place appropriate rules that limit the use of child packages
> if you are concerned about this problem, and possibly enforce
> them with your CM package, if this is useful.
Unchecked_Conversion and overlays using an address clause are easy to
detect. Child packages are very difficult to detect.
--
Jeff Carter
Innovative Concepts, Inc.
Now go away, or I shall taunt you a second time.
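
One way a build or CM check could list child units of a protected package that are not on an approved list, the question this message raises. This is an added example, not code from the thread; the package names (Stacks, Stacks.IO, Stacks.Peek), the file names and the approved list are constructed for illustration.

```python
import re

# Header of a library unit with a dotted (child) name, e.g. "package Stacks.Peek is",
# "private package Stacks.Impl is", "package body Stacks.Peek is", "procedure Stacks.Dump".
UNIT_RE = re.compile(
    r"^\s*(?:private\s+)?(?:package(?:\s+body)?|procedure|function)\s+"
    r"([A-Za-z]\w*(?:\.[A-Za-z]\w*)+)", re.IGNORECASE | re.MULTILINE)
# Context clause: "with A, B.C;" (also "limited with" / "private with").
WITH_RE = re.compile(r"^\s*(?:(?:limited|private)\s+)*with\s+([^;]+);",
                     re.IGNORECASE | re.MULTILINE)

def find_unapproved_children(sources, parent, approved):
    """Return sorted (file, "declares" | "withs", unit) for children of `parent`
    that are not in `approved`. Ada names are case-insensitive, so compare lowercased."""
    prefix = parent.lower() + "."
    allowed = {name.lower() for name in approved}
    findings = set()
    for path, text in sources.items():
        # Simplification: drops everything after "--", even inside a string literal.
        code = re.sub(r"--.*", "", text)
        for m in UNIT_RE.finditer(code):
            unit = m.group(1).lower()
            if unit.startswith(prefix) and unit not in allowed:
                findings.add((path, "declares", unit))
        for m in WITH_RE.finditer(code):
            for name in m.group(1).split(","):
                unit = name.strip().lower()
                if unit.startswith(prefix) and unit not in allowed:
                    findings.add((path, "withs", unit))
    return sorted(findings)

# Constructed sample sources: a parent, one approved child, one unapproved child,
# and a client that withs the unapproved child.
SAMPLE_SOURCES = {
    "stacks.ads": "package Stacks is\n   type Stack is private;\nprivate\n"
                  "   type Stack is record\n      Top : Natural := 0;\n"
                  "   end record;\nend Stacks;\n",
    "stacks-io.ads": "package Stacks.IO is\n   procedure Put (S : Stack);\n"
                     "end Stacks.IO;\n",
    "stacks-peek.ads": "package Stacks.Peek is\n"
                       "   function Top_Index (S : Stack) return Natural;\n"
                       "end Stacks.Peek;\n",
    "main.adb": "with Stacks, Stacks.Peek;\n-- with Stacks.Hidden;\n"
                "procedure Main is\nbegin\n   null;\nend Main;\n",
}

if __name__ == "__main__":
    for finding in find_unapproved_children(SAMPLE_SOURCES, "Stacks", {"Stacks.IO"}):
        print(*finding)
```

The check only sees the sources it is handed, so it has to run over every file that goes into the build, not just the files under CM.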