Subject: Re: FreSSH and bounds checking
To: None <current-users@netbsd.org>
From: Wolfgang Rupprecht <wolfgang+gnus20020308T064115@wsrcc.com>
List: current-users
Date: 03/08/2002 06:46:13
> Even if OpenSSH were written in a higher level language, vulnerabilities
> would still occur (e.g. CGI scripts and PHP), and if it still ran with
> root privileges most of the time, those vulnerabilities would still be
> just as troublesome.

GCC does have a patch for turning it into a run-time bounds checker.

        http://www.gnu.org/software/gcc/projects/bp/main.html

I don't know if one would necessarily want to run with the bounds
checks on in a production system, but running it on the development
systems might flush out a few bounds violation bugs.

-wolfgang
-- 
       Wolfgang Rupprecht <wolfgang+gnus@dailyplanet.wsrcc.com>
		    http://www.wsrcc.com/wolfgang/
Coming soon: GPS mapping tools for Open Systems. http://www.gnomad-mapping.com/
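
What a run-time bounds check flags on a development build, as an added example that is not part of the original message and not the GCC patch's own mechanism: a hand-written pointer that carries its bounds catches the off-by-one terminator write in a constructed copy routine. The names `bptr`, `bp_store`, `copy_name` and `demo` are hypothetical.

```c
#include <stdio.h>
#include <stddef.h>

/* Hypothetical pointer-with-bounds: the address plus the limits of its object. */
typedef struct {
    char *p;     /* current position */
    char *base;  /* first valid byte */
    char *end;   /* one past the last valid byte */
} bptr;

/* Checked store: writes c and advances, or returns -1 without writing
 * when the pointer lies outside [base, end). */
static int bp_store(bptr *b, char c) {
    if (b->p < b->base || b->p >= b->end) return -1;
    *b->p++ = c;
    return 0;
}

/* Constructed bug: the loop stops at cap characters, but the NUL terminator
 * is then stored at index cap, one byte past the end of dst.
 * Returns the offset of the rejected write, or -1 if every write was in bounds. */
static long copy_name(char *dst, size_t cap, const char *src) {
    bptr out = { dst, dst, dst + cap };
    size_t i;
    for (i = 0; i < cap && src[i] != '\0'; i++)
        if (bp_store(&out, src[i]) != 0) return (long)i;
    if (bp_store(&out, '\0') != 0) return (long)i;
    return -1;
}

/* Copies src into an 8-byte field followed by a guard byte.
 * Returns copy_name's result, or -2 if the guard byte was overwritten. */
static long demo(const char *src) {
    struct { char name[8]; char guard; } s;
    long r;
    s.guard = 0x5a;
    r = copy_name(s.name, sizeof s.name, src);
    return s.guard == 0x5a ? r : -2;
}

int main(void) {
    const char *inputs[] = { "root", "username" };  /* constructed sample inputs */
    size_t i;
    for (i = 0; i < 2; i++)
        printf("%-8s -> violation offset %ld\n", inputs[i], demo(inputs[i]));
    return 0;
}
```

Without the check, the 8-character input silently overwrites the byte after the field, which is the kind of bug a test run has no other reason to notice.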