A role model for security. Almost.

A role model for security. Almost.
Jason Miller, 2005-06-08

Mark Burnett beat me to it. I was planning to write an article on the relationship between good security and paranoia in the not too distant future. However, it appears that at least one other SecurityFocus columnist shares some of my theories on good security. Either that, or he's somehow capable of reading my mind. Paranoia is generally a good thing to have. Regardless, Mark's article got me wondering about what other traits are valuable in the quest for good security.

Expand all | Post comment

A Role Model for Security. Almost. 2005-06-09
Anonymous (1 replies)

Re: A Role Model for Security. Almost. 2005-06-29
Matthew Murphy

A Role Model for Security. Almost. 2005-06-11
xeon (1 replies)

Re: A Role Model for Security. Almost. 2005-06-29
Matthew Murphy (1 replies)

Though it carries a *LARGE* footprint of several gigabytes of VM allocation, the issue is certainly exploitable. Exploitation could be easily detected, but by then, damage has already been done. It isn't very stealthy, but there are still limited applications for its use.

Arbitrary code execution in a mainstream MTA, for whatever reason, is not a good thing to have. Whether it's a real vulnerability or simply a harmless bug, it is undesirable behavior that should be fixed.

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/columns/331/32102#32102

Re: Re: A Role Model for Security. Almost. 2006-05-08
Anonymous

A Role Model for Security. Almost. 2005-06-11
Anonymous (1 replies)

Re: A Role Model for Security. Almost. 2005-06-29
Matthew Murphy

A Role Model for Security. Almost. 2005-06-15
Russell Nelson (1 replies)

Re: A Role Model for Security. Almost. 2005-06-29
Matthew Murphy