|
WebApp Sec
mailing list archives
RE: Secure Coding? Bah!
From: "Taco Fleur" <tacofleur () nella net au>
Date: Fri, 23 Jan 2004 16:55:05 +1000
Any application that depends on something that is not written by the
developer itself, i.e. objects, dlls, the parsing engine cannot be 100%
secure.
I am assuming we are talking about application that are dynamic and not
plain static HTML, therefore they always rely on something, the code can be
good and secure, but is the parsing engine free of bugs and exploits, is the
db secure, can the dll be exploited etc. etc.
That's what I reckon anyway, if you see it differently, by all means let me
know about it.
How exactly do you allege that no application can ever be
100% secure? You *do* realize that this depends on many
factors and applications can indeed be secure (yes, that's
right--100%). Protocols, interfaces, and so on can pose
security issues that affect any application, but the
application itself and how it's coded can be completely
secure. Granted, it seems rare that it's the case, but I
guarantee it's more than possible to accomplish.
--
Tim Greer <chatmaster () charter net>
 By Date 
By Thread
Current thread:
- Re: Secure Coding? Bah!, (continued)
RE: Secure Coding? Bah! Taco Fleur (Jan 22)
Re: Secure Coding? Bah! Chris DeVoney (Jan 22)
Re: Secure Coding? Bah! Chris Kirschke (Jan 22)
Re: Secure Coding? Bah! Mark Curphey (Jan 22)
|
Intro
