[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: java security concerns




Mike McNally writes:
>  > I can
>  > physically remove all the "dangerous" calls from a Postscript
>  > interpreter and still have it be useful.
> 
> I don't see the difference.  An interpreter is an interpreter.

I suppose most of this is dead obvious to me because I work in
security every day, but it seems that some otherwise smart people don't
see the point I'm making, repeatedly.

As an exercise to the reader compare the following two tasks in
difficulty.

1) Find a bug that lets you execute arbitrary programs unintentionally
   from a program that contains instances of the 'fork()' system call.

2) Find a bug that lets you execute arbitrary programs unintentionally
   from a  program that contains *no* instances of the 'fork()' system call.

[hint: it is much harder to get a program to do something that it has
no code at all to do than to get it to do a buggy form of a something
it already does.]

Perry