on Sat, Sep 22, 2001 at 09:48:39AM +0100, MJ Ray scribbled:
OK, maybe we should say these are Microsoft problems. Trouble is, "Microsoft Virus" sounds so much like one of their products, doesn't it? Maybe it is and they are keeping the anti-virus makers in business ;-)
Like the thing they distributed with Windows 3.11? MS(A)V? :)
Yes, ultimately the programmer is responsible, but can you name any other company which so fiercely defends the rights of their programmers to create such cock-ups, are reluctant to fix them once found and prevent others from fixing them?
No, this is admittedly one of the distinct advantages of open source (or software available under a license that allows you to patch your own copy). Or maybe people who can binary patch machine code directly will be in more demand in the future?
I'm intrigued though: why is the ability to create buffer overflows linked to being able to create authentication systems? Maybe I've just not thought about it enough.
Well, with a C program, the first exploitable bug you are likely to find is a buffer overflow. With Perl, you move into the realm of shopping carts, webmail and so on. Quite often authentication mechanisms are insufficient, poorly thought out. Also there's the old open(HANDLE, $userstring); thing (where $userstring is set to "/bin/rm -rf / |"), e.g.:
http://www.securityfocus.com/cgi-bin/archive.pl?id=1&mid=205785
http://www.securityfocus.com/cgi-bin/archive.pl?id=1&mid=214155
http://www.securityfocus.com/cgi-bin/archive.pl?id=1&mid=214456
So maybe the first two aren't Perl, but I doubt they're C. (yay, securityfocus is now lynx browsable)
I'm just really trying to say, no matter what language you use, unless your programmer is clued up on security and the issues specific to that language and security generally, there is likely to be one of a common set of flaws.
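
Added example, not part of the original message: a Perl sketch of the two-argument open() issue mentioned above, showing how such a string would be interpreted (without opening it) next to a hardened three-argument open with an allowlisted name. The helper names, the allowlist pattern and the sample inputs are assumptions constructed for illustration.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use File::Temp qw(tempdir);
use File::Spec;

# Describe how two-argument open(FH, $s) would treat $s. Nothing is opened here.
sub two_arg_meaning {
    my ($s) = @_;
    (my $t = $s) =~ s/^\s+|\s+$//g;    # two-arg open ignores surrounding whitespace
    return 'runs a command, reads its output' if $t =~ /\|$/;
    return 'runs a command, writes to it'     if $t =~ /^\|/;
    return 'appends to a file'                if $t =~ /^\+?>>/;
    return 'truncates and writes a file'      if $t =~ /^\+?>/;
    return 'opens a file read-write'          if $t =~ /^\+</;
    return 'reads a file';
}

# Hardened form: allowlist the name first, then use three-argument open, where
# the mode is its own argument and the name is never parsed for "|" or ">".
sub open_for_read {
    my ($dir, $name) = @_;
    return unless defined $name
        && $name =~ /\A[A-Za-z0-9_][A-Za-z0-9_.-]{0,63}\z/;   # no "/", no leading "."
    open(my $fh, '<', File::Spec->catfile($dir, $name)) or return;
    return $fh;
}

# Constructed sample data: one file in a temporary directory.
my $dir = tempdir(CLEANUP => 1);
open(my $out, '>', File::Spec->catfile($dir, 'notes.txt')) or die "setup: $!";
print {$out} "hello\n";
close($out);

# Constructed inputs; "echo injected" stands in for a hostile command string.
for my $input ('notes.txt', 'echo injected |', '| echo injected',
               '>notes.txt', '../notes.txt') {
    my $fh = open_for_read($dir, $input);
    printf "%-19s two-arg: %-33s hardened: %s\n",
        "'$input'", two_arg_meaning($input), $fh ? 'opened' : 'rejected';
    close($fh) if $fh;
}
```

Only 'notes.txt' is opened by the hardened path; every other input is rejected by the allowlist before open() is reached.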