I would explicitly qualify "not exploitable" as "not exploitable in a given environment". Developers will generally have to make some assumptions when writing code. Take that code to an environment where one of the assumptions is invalid and there might be an exploit. I don't see how writing something that is absolutely "not exploitable" is any more possible than "total security". --Matt > -----Original Message----- > From: John Viega [mailto:viegaat_private] > Sent: Friday, December 27, 2002 12:44 PM > To: Rahul Chander Kashyap > Cc: secprogat_private > Subject: Re: Writing Secure code > > > Of course it's possible to write something that's not exploitable. > However, it's tougher than most people think. For example, I've seen > applications that the authors assumed were not networked whatsoever, > and had no special local privilege. However, if the files they read > and wrote were stored on a remote file system such as an SMB mount, > then their otherwise non-networked program was completely exploitable. > > John > > On Friday, December 27, 2002, at 07:46 AM, Rahul Chander Kashyap wrote: > > > Hi people, > > > > I've been going through some articles on how to write secure code esp. > > from: http://www.shmoo.com/securecode/ > > > > I am looking for something more specific for the windows platform. Are > > there any specific guidelines/standards that one could follow? > > > > And one more thing...<this one might be intresting ;-)> Is it possible > > to write code that is completely secure and not exploitable? > > > > Thanks for parsing thru my mail :-) > > > > Regards, > > > > Rahul Kashyap > > > > www.nsecure.net > > ------------------------ > > Layered Defence > > ------------------------ > > > > > >
This archive was generated by hypermail 2b30 : Fri Dec 27 2002 - 22:05:18 PST