Johan Peeters writes: > at FOSDEM, we discussed how I might help to improve free Java's > security. It seems to me that, for the edifice to be secure, the > native layer's security is absolutely essential. I scanned the native > directory with RATS (Rough Auditing Tool for Security - > http://securesoftware.com) and found a few potential vulnerabilities, > e.g. regarding the use of strcpy, fprintf, getenv and sprintf. Is > this worth investigating further, or has it been covered?
I would have thought this very much worth investigating. However, Classpath is used with a number of native layers, all very different. Andrew. _______________________________________________ Classpath mailing list [EMAIL PROTECTED] http://mail.gnu.org/mailman/listinfo/classpath
