Well, I didn't mean all versions of all setuid programs or root
daemons. After all, someone could point to the latest version of
almost any security-sensitive program and say that all buffer overflows
have been fixed.
My point was that the level of "poorly written" required to allow
buffer overflows is very low, so much so that even Perl has had
instances thereof.
I should also exempt programs written in safe languages; I'm sure that
(barring buggy compilers or interpreters) all programs written in Ada,
(bounds-checked) Pascal, (bounds-checked) Fortran, (bounds-checked)
Algol, Lisp, Scheme, Perl, Python, or Java will be safe.
Kragen
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.altern.org/andrebalsa/doc/lkml-faq.html