Students uncover dozens of Unix software flaws (News.com)
Posted Dec 17, 2004 2:16 UTC (Fri) by gdt (subscriber, #6284)
In reply to: Students uncover dozens of Unix software flaws (News.com) by huffd
Parent article: Students uncover dozens of Unix software flaws (News.com)
That's a rather misleading excerpt, as at the point of the quote the story is discussing the Linux kernel's regression testing.
I read the list of bugs the students found at http://tigger.uic.edu/~jlongs2/holes/. Most of the bugs are well-known issues with the use of C, mainly buffer overflows. Some of the bugs are from trusting external input, a problem in most languages.
Rather than consider the number "small", a more startling statistic is that the majority of the Linux installed base is vulnerable to at least one of the bugs the students in this small class found (prominent programs with flaws are: CUPS, mpg123, mplayer, nasm, xine).