Subject: Re: integrating PAM
To: NetBSD-current Discussion List <email@example.com>
From: None <firstname.lastname@example.org>
Date: 01/27/2003 15:48:14
On Mon, Jan 27, 2003 at 06:24:52PM -0500, Greg A. Woods wrote:
> Not only that but we're talking about the most security sensitive
> user-level software in the whole OS! Secure programming is HARD.
> Secure programming in C is VERY HARD. Having a difficult API for such
> software makes it almost a certainty that even experts will eventually
> make mistakes which affect the security of the system.
Secure programming in /bin/sh is super-easy.. who needs debuggers anyway?
If the API is that bad, it seems like it would be a good topic for
something like a Usenix paper.