[EMAIL PROTECTED] (Bill Sconce) writes: > There are very few ways to get buffer overflows. > 1. Use assembly language. > 2. Use C.
Obviously, in many circles, "C" is referred to as "high-level assembly language"... > What's depressing is that we keep doing the same thing over > again ("we'll still use C, but we'll be really careful this > time, or we'll use Purify, or...") and expecting a different > result. I've read that this is one definition of insanity. If somebody were to wave a magic wand and magically add bounds checking to all C implementations, I'd still feel more comfortable if people were to attack these problems by adjusting their development and testing methodologies. > Writing correct, secure software isn't easy. Writing software > which doesn't overrun buffers IS easy. I wouldn't say that the latter case is easy either. Writing such code requires a lot of attention to detail. Regards, --kevin -- If you want to program in C, program in C. It's a nice language. I use it occasionally... :-) --Larry Wall in <[EMAIL PROTECTED]> _______________________________________________ gnhlug-discuss mailing list [EMAIL PROTECTED] http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss