Thanks to SuSE, but how about math?
Posted Jun 25, 2002 17:50 UTC (Tue) by proski (subscriber, #104)
Parent article: SuSE security update to openssh
I'm glad that SuSE cares more about users than about its own ambitions. I know, it's hard to release an update and say "it's not a complete fix". It's hard to acknowledge being under pressure and not being informed. But they did it, and it's the right thing. Every cracker in the world who desperately wants to crack some system will do his best to make an exploit before the fix is installed. I'm still waiting for RedHat to release the update.
On a completely unrelated note, it's still hard for me to comprehend that it's easier to add more code and introduce privilege separation than to find all security problems in one particular program, especially if it's written to be secure from the beginning. Privilege separation is a good thing for an OS, where many programs of different quality interact, but privilege separation within one program? Cannot the security be proven, like a mathematical theory? Can it be proven that for any input, the behavior of the software will be deterministic (no random data from memory) and satisfy certain conditions (no access without password)?