Posted Nov 4, 2007 21:43 UTC (Sun) by man_ls
In reply to: Bernstein right? Maybe, but Theo is too, mostly
Parent article: Daniel Bernstein: ten years of qmail security
Bugs cause something unexpected to happen.
In the vast majority of cases, bugs cause something expected not to happen
. You press the button, it doesn't work. These bugs normally don't pose security risks.
Examples are good for illustration, and yet often they are not so good for proof. In your example something expected does not happen (exception logging), and yet it poses a security risk. The key is in the part where you say:
Your buggy software
cannot convert this into a Unicode string, so it ends up in an exception handler that you never realised could be called under such circumstances.
Here is really where something unexpected is happening.
In short, the vast majority of bugs result in minor failures which don't compromise the application. Treating all bugs as having the same priority ("security critical") leads to the kind of version paralysis we can see in OpenBSD; the rest of the world just moves along.
to post comments)