Replies

1. what is this whole buffer overflow problem. it would seem 99% of all security problems have to do with buffer overflows, is it that hard to program in way to stop these sort of problems.

2. not a flame starter but does linux products run into buffer overflow security problems?

29 posted on 09/09/2005 11:40:39 AM PDT by postaldave (dont ask me, i'm just a simple post birth, tissue mass.)

A buffer overflow occurs when your code does not take into account limits of the language you are using. This usually overwrites some memory which allows the cracker to gain access to the system.

Yes, linux products also have these flaws. It has more to do with the tool you are using for development and the skill of the programmer in trapping them.

The good side to this, though, is that with OSS, the patches are released much sooner than their counterparts in proprietary software. This is due to several factors, not the least of which is that the maintainer of the particular vulnerable product doesn't usually have 16 other priorities on his desk. Once he knows about it, it's fairly simple to fix and release a patch.

30 posted on 09/09/2005 11:51:14 AM PDT by ShadowAce (Linux -- The Ultimate Windows Service Pack)

not a flame starter but does linux products run into buffer overflow security problems?

Everything programmed in C or other non-memory-safe languages can have a buffer overflow. It's up to the coders to properly monitor memory allocation, and nobody's perfect.

33 posted on 09/09/2005 12:22:18 PM PDT by antiRepublicrat

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794