Waiting for perfect application code == stupid plan
Posted Jun 3, 2010 13:47 UTC (Thu) by dwheeler
In reply to: Symbolic links in "sticky" directories
Parent article: Symbolic links in "sticky" directories
We've been waiting for several decades for these magical developers who never, ever, ever make a mistake.
We will wait forever.
After all, information on how to write secure programs on Linux is widely available; see my Secure Programming for Linux and Unix HOWTO, for example.
It's time to change our systems so that the vulnerabilities cannot happen in the first place.
Making the system invulnerable to symlink attacks via /tmp, harder to exploit via buffer overflows, and fixing Unix/Linux filenames are all part of that.