On Mon, Jan 27, 2003 at 06:24:52PM -0500, Greg A. Woods wrote:
> Not only that but we're talking about the most security sensitive
> user-level software in the whole OS!  Secure programming is HARD.
> Secure programming in C is VERY HARD.  Having a difficult API for such
> software makes it almost a certainty that even experts will eventually
> make mistakes which affect the security of the system.

Secure programming in /bin/sh is super-easy.. who needs debuggers anyway?

If the API is that bad, it seems like it would be a good topic for
something like a Usenix paper.

Ben