From: Kilgallen@SpamCop.net (Larry Kilgallen)
Subject: Re: ACT announces availability of GNAT 3.14p
Date: 12 Feb 2002 15:59:07 -0600
Date: 2002-02-12T15:59:07-06:00 [thread overview]
Message-ID: <Qlrjf8zoA1TB@eisner.encompasserve.org> (raw)
In-Reply-To: 87sn862yq4.fsf@deneb.enyo.de
In article <87sn862yq4.fsf@deneb.enyo.de>, Florian Weimer <fw@deneb.enyo.de> writes:
> dewar@gnat.com (Robert Dewar) writes:
>
>> I would certainly agree with that. But I remind again, that
>> if you are writing high security Ada programs, e.g. those
>> running as setuid, you are well advised to stay away from
>> anonymous temporary files whose location is not specified
>> by the standard in any case.
> The problem in GNAT 3.14p and earlier does not only affect setuid
He said "e.g." not "i.e.". Certainly you do not disagree that
security is important for a program running with setuid, do you ?
> applications, it affects any application which creates temporary
> files.
And the answer seems to be that in _some_ operating systems which
GNAT can target, use of the C runtime library can provide a call
that gives better security. If GNAT were to simply use that call
when it is possible, that might lead to assumptions that the security
of GNAT was good on _all_ operating systems which GNAT can target.
next prev parent reply other threads:[~2002-02-12 21:59 UTC|newest]
Thread overview: 51+ messages / expand[flat|nested] mbox.gz Atom feed top
2002-01-31 2:49 ACT announces availability of GNAT 3.14p Robert Dewar
2002-02-03 8:07 ` Leon Winslow
2002-02-03 10:56 ` Dmitry A. Kazakov
2002-02-03 14:18 ` Robert Dewar
2002-02-03 14:46 ` Samuel Tardieu
2002-02-03 19:53 ` Robert Dewar
2002-02-03 13:13 ` Larry Kilgallen
2002-02-03 13:47 ` Jeffrey Creem
2002-02-03 14:11 ` Robert Dewar
2002-02-03 16:50 ` Pascal Obry
2002-02-17 5:37 ` jim
2002-02-17 11:20 ` Pascal Obry
2002-02-04 14:13 ` Stephen Leake
2002-02-04 16:07 ` Stephen Leake
2002-02-04 17:18 ` Darren New
2002-02-04 18:36 ` Preben Randhol
2002-02-04 19:08 ` Pascal Obry
2002-02-06 21:36 ` Karl Ran
2002-02-07 8:15 ` Preben Randhol
2002-02-07 15:06 ` Stephen Leake
2002-02-08 1:09 ` Robert Dewar
2002-02-08 11:23 ` John English
2002-02-08 12:33 ` Georg Bauhaus
2002-02-10 18:22 ` Robert Dewar
2002-02-10 18:53 ` Matthew Woodcraft
2002-02-12 12:14 ` John English
2002-02-08 17:10 ` Stephen Leake
2002-02-10 9:26 ` Florian Weimer
2002-02-10 10:07 ` Florian Weimer
2002-02-10 9:26 ` Florian Weimer
2002-02-10 18:38 ` Robert Dewar
2002-02-10 19:23 ` Florian Weimer
2002-02-10 21:55 ` Robert Dewar
2002-02-10 22:05 ` Florian Weimer
2002-02-11 12:36 ` Robert Dewar
2002-02-11 15:09 ` Florian Weimer
2002-02-11 16:19 ` Larry Kilgallen
2002-02-11 16:49 ` Aidan Skinner
2002-02-11 19:16 ` Florian Weimer
2002-02-11 19:36 ` Larry Kilgallen
2002-02-12 2:18 ` Robert Dewar
2002-02-12 21:10 ` Florian Weimer
2002-02-12 21:59 ` Larry Kilgallen [this message]
2002-02-11 18:55 ` Samuel Tardieu
2002-02-12 14:47 ` Karl Ran
2002-02-12 15:28 ` Aidan Skinner
2002-02-12 15:51 ` David C. Hoos
2002-02-12 15:40 ` Florian Weimer
-- strict thread matches above, loose matches on Subject: below --
2002-01-31 8:22 Christoph Grein
2002-02-10 18:32 ` Robert Dewar
[not found] <0d3401c1b3dd$25df9ac0$453ab4d8@sy.com>
2002-02-12 15:47 ` Aidan Skinner
replies disabled
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox