From mboxrd@z Thu Jan  1 00:00:00 1970
X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me
X-Spam-Level: 
X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00 autolearn=ham
	autolearn_force=no version=3.4.4
X-Google-Language: ENGLISH,ASCII-7-bit
X-Google-Thread: 103376,3339c21cad84e30c
X-Google-Attributes: gid103376,public
X-Google-ArrivalTime: 2001-02-08 12:50:24 PST
Path: 
 supernews.google.com!sn-xit-02!supernews.com!news.tele.dk!212.74.64.35!colt.net!nntp1.aeq.teleglobe.net!teleglobe.net!news1.mtl.metronet.ca!news1.tor.metronet.ca!nnrp1.tor.metronet.ca!not-for-mail
Message-ID: <3A830648.FDB619EA@home.com>
From: "Warren W. Gay VE3WWG" <ve3wwg@home.com>
X-Mailer: Mozilla 4.75 [en] (Windows NT 5.0; U)
X-Accept-Language: en
MIME-Version: 1.0
Newsgroups: comp.lang.ada
Subject: Re: BIND is Crying Out for Ada95
References: <3A82D822.E93A2152@home.com> <87u264ap6p.fsf@deneb.enyo.de>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Date: Thu, 08 Feb 2001 20:50:22 GMT
NNTP-Posting-Host: 198.96.47.195
NNTP-Posting-Date: Thu, 08 Feb 2001 13:50:22 MDT
Organization: MetroNet Communications Group Inc.
Xref: supernews.google.com comp.lang.ada:5026
Date: 2001-02-08T20:50:22+00:00
List-Id: <comp.lang.ada>

Florian Weimer wrote:
> 
> "Warren W. Gay VE3WWG" <ve3wwg@home.com> writes:
> 
> > If someone has the time, here is a perfect chance to put Ada95
> > into the forefront, with a well written Ada95 version of BIND,
> > with fewer weekly exploits. It provides an essential service
> > for just about ALL networked systems today (what an opportunity ;-)
> 
> Ada wouldn't help here. Even if your DNS name server is more reliable,
> DNS will still be subject to all kinds of attacks, because not only
> BIND is insecure, the DNS protocol is inadequate, too.

I disagree. Its not hard find vulnerabilities like this example:

Vulnerability #5: the "maxdname bug"

Improper handling of certain data copied from the network could allow 
a remote intruder to disrupt the normal operation of your name server, possibly
including a crash. 

I'll bet, if we look at the code, its related to such things as exceeding
C array bounds and other C-evils.

I'm not saying Ada is a cure-all -- but I think it has a lot to offer
in this area.

-- 
Warren W. Gay VE3WWG
http://members.home.net/ve3wwg