Re: EMERGENCY: new remote root exploit in UW imapd

To: BUGTRAQ@xxxxxxxxxxxx
Subject: Re: EMERGENCY: new remote root exploit in UW imapd
From: "Perry E. Metzger" <perry@xxxxxxxxxxxx>
Date: Thu, 16 Jul 1998 23:04:20 -0400
Approved-by: aleph1@DFW.NET
In-reply-to: Your message of "Thu, 16 Jul 1998 17:35:04 PDT." <199807170035.RAA05041@bangkok.office.cdsnet.net>
Reply-to: perry@xxxxxxxxxxxx
Sender: Bugtraq List <BUGTRAQ@xxxxxxxxxxxx>

Craig Spannring writes:
> C should not be used for trusted programs.

Unfortunately, there are not really good open source alternatives. GCC
is everywhere.

One thing that I wonder about, though, is that several years ago, some
guy in the U.K. did a bounds checking version of GCC. It would be Very
Neat if someone were to track that down and get the egcs people to
make it available.

In the long run, I'm hoping for Java front ends for GCC that make it
possible to do reasonable open source programming in a reasonable
language. Until then...

Perry

Follow-Ups:
- Writing safe code: Java? (was: Re: EMERGENCY: new remote root exploit in UW imapd)
  - From: Art Werschulz

References:
- Re: EMERGENCY: new remote root exploit in UW imapd
  - From: Craig Spannring

Prev by Date: Re: EMERGENCY: new remote root exploit in UW imapd
Next by Date: Re: New Java Security Flaw Found
Previous by thread: Re: EMERGENCY: new remote root exploit in UW imapd
Next by thread: Writing safe code: Java? (was: Re: EMERGENCY: new remote root exploit in UW imapd)
Index(es):
- Date
- Thread