LCA: Lessons from 30 years of Sendmail
Posted Feb 3, 2011 0:32 UTC (Thu) by dskoll
In reply to: LCA: Lessons from 30 years of Sendmail
Parent article: LCA: Lessons from 30 years of Sendmail
Yet another reason not to use C. For anything.
OK, sure. Avoiding C magically fixes security problems. Not.
Avoiding C greatly reduces the risk of certain security problems (buffer-overflow, stack smashing) assuming the non-C language is implemented securely. It does nothing about other security problems like race conditions, unsafe /tmp files, incorrect input sanitization (eg, SQL injection problems), etc, etc....
to post comments)