From: Nevermind (never nevermind.kiev.ua)
Date: Thu Jan 03 2002 - 12:49:14 CST
Hello, Rob Andrews!
On Wed, Jan 02, 2002 at 01:26:25PM -0600, you wrote:
> and yes I realize libparanoid is in the ports. Note the differences between
> libsafe and libparanoid.. (sorry I've gotten a few replies and yes I know
> about it. but its not similar in _how_ it handles doing the same thing that
> libsafe is doing)
I talked to Snar (paranoia.ru) a few days ago here, and he explained to me
why his approach is better than trying to handle such things
"correctly". I suppose when your app is being attacked with some kind of buffer
overflow or anything else similar to it, it is better to shut down to
prevent any further attempts and report the failure to the administrator rather
than not knowing that the app is vulnerable to buf.overflow. Also, you
cannot be absolutely sure of any way of "correctly" handling such a
situation.
P.S. 2 snar: please correct me if I am wrong.
-- NEVE-RIPE
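The trade-off argued in the message above, as an added example that is not part of the original post and is not libsafe or libparanoid code: a bounded copy that either truncates and keeps running or logs and aborts, run in a child process so the parent can report what a supervisor would observe. All names (`guarded_copy`, `observe`, the policy and outcome enums) and the 16-byte buffer are assumptions made for the illustration.

```c
#include <signal.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/wait.h>
#include <syslog.h>
#include <unistd.h>

enum policy { POLICY_TRUNCATE, POLICY_FAIL_STOP };    /* hypothetical names */
enum outcome { OUT_RAN_ON, OUT_STOPPED, OUT_ERROR };  /* hypothetical names */

/* Copy src into dst (capacity cap, assumed > 0). Oversized input is either
 * truncated silently or logged and turned into process termination. */
static int guarded_copy(char *dst, size_t cap, const char *src, enum policy p)
{
    size_t need = strlen(src) + 1;
    if (need > cap && p == POLICY_FAIL_STOP) {
        syslog(LOG_ALERT, "oversized input: %zu > %zu bytes", need, cap);
        abort();                  /* SIGABRT: the failure is reported, not hidden */
    }
    size_t n = (need <= cap) ? need - 1 : cap - 1;
    memcpy(dst, src, n);          /* truncating path: service keeps running */
    dst[n] = '\0';
    return need <= cap;           /* 1 if the input fit, 0 if it was cut */
}

/* Run one copy in a child process and classify how the child ended. */
enum outcome observe(enum policy p, const char *input)
{
    pid_t pid = fork();
    if (pid < 0) return OUT_ERROR;
    if (pid == 0) {
        char buf[16];
        guarded_copy(buf, sizeof buf, input, p);
        _exit(0);                 /* normal exit: nothing for an admin to notice */
    }
    int status = 0;
    if (waitpid(pid, &status, 0) < 0) return OUT_ERROR;
    if (WIFSIGNALED(status) && WTERMSIG(status) == SIGABRT)
        return OUT_STOPPED;
    return (WIFEXITED(status) && WEXITSTATUS(status) == 0) ? OUT_RAN_ON : OUT_ERROR;
}

int main(void)
{
    const char *big = "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA";  /* constructed input */
    printf("truncate=%d fail-stop=%d\n",
           observe(POLICY_TRUNCATE, big), observe(POLICY_FAIL_STOP, big));
    return 0;
}
```

With the truncating policy the child exits 0 and the oversized input leaves no trace; with the fail-stop policy the parent sees SIGABRT and an alert is sent to syslog.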