Date: Mon, 21 Apr 2014 23:28:26 +0200 (CEST)
From: Christian Kratzer
To: "Ronald F. Guilmette"
Subject: Re: De Raadt + FBSD + OpenSSH + hole?
Cc: freebsd-security@freebsd.org

Hi,

On Mon, 21 Apr 2014, Ronald F. Guilmette wrote:

>
> In message <53546795.9050304@quietfountain.com>,
> "hcoin" wrote:
>
>> ... It is for the community to decide whether it is 'worth it'
>> on a case by case basis given there is no way to prove a program
>> 'correct' from a security perspective.
>
> I guess that I was sick that day in software school.
>
> Did I just hear you tell me that I can't prove the following program
> is "secure"?
>
>
> int
> main (void)
> {
>   return 0;
> }

In an ideal world you could probably.

The difficulty is that even the above seemingly trivial snippet of code is run
after initialization of the C runtime library and some preprocessing of
argc, argv.

It gets more complex with C++ constructors run before main.

It gets even more complex the more software components interact in weird and
wonderful ways.

Greetings
Christian

-- 
Christian Kratzer                   CK Software GmbH
Email:   ck@cksoft.de               Wildberger Weg 24/2
Phone:   +49 7032 893 997 - 0       D-71126 Gaeufelden
Fax:     +49 7032 893 997 - 9       HRB 245288, Amtsgericht Stuttgart
Mobile:  +49 171 1947 843           Managing Director: Christian Kratzer
Web:     http://www.cksoft.de/
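
An added example, not part of the original message: the quoted program with its `main` body essentially unchanged, plus hooks that show code running before `main` is entered and after it returns. It assumes GCC or Clang, since the `constructor` and `destructor` attributes are compiler extensions; all function and variable names are illustrative.

```c
/* Added example, not code from the thread. Assumes GCC or Clang. */
#include <stdio.h>

extern char **environ;        /* populated by the C runtime before main */

static int ctor_calls;        /* times our hook ran during startup */
static int env_seen_by_ctor;  /* environment entries visible before main */
static int main_entered;      /* set only once main starts executing */
static int ctor_saw_main;     /* value of main_entered observed by the hook */

/* Called by the runtime's startup code, before main is entered.
 * C++ static constructors run at the same point in process startup. */
__attribute__((constructor))
void before_main(void)
{
    ctor_calls++;
    ctor_saw_main = main_entered;
    /* The environment is caller-controlled input, and the runtime has
     * already processed it by the time any of "our" code runs. */
    for (char **e = environ; e && *e; e++)
        env_seen_by_ctor++;
}

/* Called by the runtime after main returns, during process teardown. */
__attribute__((destructor))
void after_main(void)
{
    fprintf(stderr, "after main: hooks run before main=%d, env entries=%d\n",
            ctor_calls, env_seen_by_ctor);
}

/* Accessors so the recorded startup state can be inspected. */
int pre_main_calls(void)    { return ctor_calls; }
int pre_main_saw_main(void) { return ctor_saw_main; }
int pre_main_env(void)      { return env_seen_by_ctor; }

int main(void)
{
    main_entered = 1;         /* the only statement added to the quoted main */
    return 0;
}
```

Any argument about the security of this program therefore has to cover the startup and teardown code around `main`, not only the `return 0;` the source shows.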