|
Secure Programming
Writing Secure code Dec 27 2002 12:46PM Rahul Chander Kashyap (rahul nsecure net) (6 replies) Re: Writing Secure code Dec 27 2002 06:03PM Valdis Kletnieks vt edu (2 replies) RE: Writing Secure code Dec 27 2002 08:51PM Roger Alexander (rta cs colostate edu) (1 replies) RE: Writing Secure code Dec 30 2002 12:41PM Matt McClellan (mmcclellan nfr com) (2 replies) Re: Writing Secure code[update] Dec 31 2002 10:20AM Rahul Chander Kashyap (rahul nsecure net) (2 replies) Re: Writing Secure code Dec 27 2002 05:43PM John Viega (viega list org) (2 replies) |
|
|
Privacy Statement |
> to write code that is completely secure and not exploitable?
Yes.
main() { exit(0); }
is completely secure and not exploitable. Beyond that, you're on your own
:-)
I think what you really mean is "is it possible to write code THAT DOES
SOMETHING USEFUL that is completely secure and not exploitable". In
general, the answer is "no". Any program of even moderate complexity, by
today's standards, includes so much baggage that it's impossible to say with
absolute certainty that it's secure. Even if there's no vulnerabilities in
your code, the stuff you drag in (e.g., DLLs) is highly likely to have
problems.
--Jeremy
[ reply ]