mailing list archives
Re: Buffer Overflows: A Summary
From: perry () piermont com (Perry E. Metzger)
Date: Wed, 30 Apr 1997 12:34:37 -0400
Aleph One writes:
Again the thing to do is fix the offending code. The OpenBSD
project and some other teams have done a great job in this area.
They have systematically gone through their code base looking for
possible vulnerabilities. Not only have the fixed dozens of possible
holes, at the same time they have made their software more reliable.
Reliability and security go hand in hand.
NetBSD has been doing more or less the same thing. We are currently
working on eliminating as many SUID programs as possible, replacing
them with solutions that if possible require fewer SUID executables on
a machine. Less trusted code means less code which could go wrong
which means more reliablity.