Subject: Re: FreSSH
To: None <current-users@netbsd.org>
From: Peter Seebach <seebs@plethora.net>
List: current-users
Date: 03/08/2002 00:12:14
In message <mtueliv8vfl.fsf@kinki-sharyo.mit.edu>, "Nathan J. Williams" writes:
>I'm always stunned that people can write what they consider to be
>security-important code in a language with as many safety pitfalls as
>C. While [Open]SSH has had a handful of logic vulnerabilities, there
>have also been quite a few bounds-check vulnerabilities of the kind
>that language designers have known how to avoid for nearly thirty
>years.

C is probably mostly used for speed and portability; yes, you can make
mistakes, but in the end, all bounds errors are logic errors in C; you
forgot to think through the logic of ensuring your bounds correctly.

I don't think I've had a bounds overflow problem in C in ten years.  It's
just not that hard to avoid, *if* you understand what you're doing.

-s