comp.lang.ada
From: "Nick Roberts" <nickroberts@adaos.worldonline.co.uk>
Subject: Re: Ada's Slide To Oblivion ...
Date: Wed, 6 Feb 2002 02:37:51 -0000
Message-ID: <a3q69h$18m3um$1@ID-25716.news.dfncis.de>
In-Reply-To: a3eikr$tfo$1@news.btv.ibm.com

"Dale Pontius" <pontius@btv.MBI.com.invalid> wrote in message
news:a3eikr$tfo$1@news.btv.ibm.com...

> By today's common programming practices, we have a situation
> where the simplest/easiest way of programming string input gives
> buffer overflows, and therefore security holes. In C, that is.
> Don't know about C++, but at least in Ada, the simplest/easiest
> way of programming string input at worst would give a DOS
> problem as the program crashed, and it wouldn't be much harder
> to catch the exception and stop that.

To my mind, it seems more appropriate that DoS (Denial of Service) attack
prevention should be undertaken primarily by the IP router module, not by
TCP (or UDP) service applications. The TCP module, and its service
applications, could help by reporting suspicious activity to the IP router
(which should provide an interface to facilitate this).

Both C and C++ are fundamentally insecure languages, because they require a
'flat' address space, with no differentiation between the executable
(read-only) and variable (read-write) parts. This completely subverts the
security mechanisms (e.g. segments with access controls) most modern
processor architectures support and could otherwise fully deploy. Buffer
overrun exploits are but one manifestation of this problem.

I never cease to be amazed at the number of people -- many who should know
better (or be more honest) -- who expound flat address spaces as universally
advantageous. (I emphasise that I understand there are some cases where they
are indeed advantageous.)

Some processor architectures, specifically for the benefit of C code,
support a style of addressing that permits the use of a machine word to
contain a full address into a segmented space, but with only 32 bits to play with
(on 32-bit architectures), this doesn't work very well. Of course 64-bit
architectures solve this problem; but then the problems of porting 32-bit C
and C++ code to 64-bit are many, and make hilarious reading for those of a
strong mental constitution.

--
Nick Roberts
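
Added example, not part of the original post or of either poster's code: the contrast drawn in the quoted text, in C. The reader below never writes past its buffer and rejects an over-long line as a whole, which is roughly the "fail cleanly instead of overflowing" behaviour attributed to Ada above. The names `read_line_bounded` and `read_nth_line` and the sample inputs are constructed for illustration.

```c
#include <limits.h>
#include <stdio.h>
#include <string.h>

enum { LINE_OK = 0, LINE_EOF = -1, LINE_TOO_LONG = -2 };

/* Read one line into buf (capacity cap, including the terminating NUL).
 * Unlike gets() or scanf("%s"), fgets() is told the buffer size, so no
 * byte is ever written past buf[cap-1]. An over-long line is discarded
 * and reported rather than silently truncated. */
int read_line_bounded(FILE *in, char *buf, size_t cap)
{
    if (cap < 2 || cap > INT_MAX) return LINE_TOO_LONG;
    if (fgets(buf, (int)cap, in) == NULL) return LINE_EOF;

    size_t n = strlen(buf);
    if (n > 0 && buf[n - 1] == '\n') {      /* whole line fitted */
        buf[n - 1] = '\0';
        return LINE_OK;
    }
    int c = fgetc(in);                      /* what follows the chunk? */
    if (c == EOF || c == '\n') return LINE_OK;  /* exact fit or last line */

    while (c != '\n' && c != EOF)           /* drain the rest of the line */
        c = fgetc(in);
    buf[0] = '\0';                          /* hand back nothing partial */
    return LINE_TOO_LONG;
}

/* Test helper: put constructed input in a temp file, perform n reads,
 * and return the status of the n-th one (buf holds that line). */
int read_nth_line(const char *input, int n, char *buf, size_t cap)
{
    FILE *f = tmpfile();
    int rc = LINE_EOF;
    if (f == NULL) return rc;
    fputs(input, f);
    rewind(f);
    while (n-- > 0) rc = read_line_bounded(f, buf, cap);
    fclose(f);
    return rc;
}

int main(void)
{
    char buf[8];
    /* Constructed input: a 20-byte line aimed at an 8-byte buffer. */
    int rc = read_nth_line("AAAAAAAAAAAAAAAAAAAA\nok\n", 1, buf, sizeof buf);
    printf("status=%d buf=\"%s\"\n", rc, buf);
    return 0;
}
```
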





