On Wed, 27 Mar 2002, Blue Boar wrote: >> Hello? I think you do not really understand what I was trying to say - try >> 'Turing "halting problem"' in google.com. > > What he is trying to get at is that you can define a fixed amount of > time as a maximum, and simply kill the process at that point, if you > don't have an answer yet. My (ironical) question about finding the answer to the halting problem in finite time was a response to this one single particular claim about finding all exploitable vulnerabilities in any local privileged program. Of course, it is possible to perform simplified run-time or source code analysis when you make certain risky and very simplified assertions, and many applications, including this one, will help you do that. This does not change the fact that the initial claim is completely bogus, especially in the case of such a simple run-time tool. But I am not sure Mixter meant what you said. Let me quote: " Then again, of course you can write a little program to enumerate processes in the group of the shell process running the library interception tests, then check their activity time and send them appropriate signals to continue when they stall..." - which sounds more like he's referring to some strange situation in which the program stops executing and has to be resumed (perhaps by sending SIGCONT?). -- _____________________________________________________ Michal Zalewski [lcamtufat_private] [security] [http://lcamtuf.coredump.cx] <=-=> bash$ :(){ :|:&};: =-=> Did you know that clones never use mirrors? <=-= http://lcamtuf.coredump.cx/photo/
This archive was generated by hypermail 2b30 : Wed Mar 27 2002 - 16:50:18 PST