From: Terry Lambert
Message-Id: <199808150013.RAA29219@usr04.primenet.com>
Subject: Re: 64-bit time_t
To: joes@shasta.wstein.com (Joseph Stein)
Date: Sat, 15 Aug 1998 00:13:39 +0000 (GMT)
Cc: brett@lariat.org, mike@smith.net.au, hackers@FreeBSD.ORG
In-Reply-To: <199808141746.KAA20357@shasta.wstein.com> from "Joseph Stein" at Aug 14, 98 10:46:55 am

> > Security is also a safety issue. Use safe tools, and you're less likely
> > to create security holes.
>
> There is no such thing as a "safe" tool. You can write code in assembly
> language and still end up with security holes. Until someone writes a
> compiler (for *any* compiled language) that will test for every possible
> conceivable security hole (volunteers needed...) there will be security
> holes in *every* application -- that can be fixed when found, using the
> "unsafe" tool that was used to create it.
>
> My 2c on this issue.

There is a branch path analysis tool in the comp.sources archives which will generate full code coverage tests. It was written as an example of the utility of the object oriented programming model used by C++.

Unfortunately, it doesn't work on ANSI C, so you would have to remove the ANSI-isms that have crept into the FreeBSD kernel, or you would have to fix the tool. The tool is not Grammar based, so fixing it would be a bitch. Rewriting it would require a strong mathematical programmer (but I'm busy right now, and all my code that is in C is K&R compilable, unless it's the result of me maintaining already ANSI code).

Terry Lambert
terry@lambert.org
---
Any opinions in this posting are my own and not those of my present or previous employers.