LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

PostgreSQL 9.3 beta: Federated databases and more

LWN.net Weekly Edition for May 9, 2013

(Nearly) full tickless operation in 3.10

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Bad for OSS/FS? Certainly no evidence that proprietary will save us!

Bad for OSS/FS? Certainly no evidence that proprietary will save us!

Posted Sep 18, 2003 3:03 UTC (Thu) by arcticwolf (guest, #8341)
In reply to: Bad for OSS/FS? Certainly no evidence that proprietary will save us! by jtc
Parent article: Remotely exploitable sendmail vulnerability

Unfortunately, though, verifying (and proving) that the source code of a program is correct is not enough, though; you also need to verify both the source *and* the machine code of the compiler being used if you definitely want to be on the safe side. There was an interesting demonstration of this a couple of years ago; I don't recall who it did anymore right now, but with a bit of Googling, it should be possible to find out.

(Log in to post comments)

Bad for OSS/FS? Certainly no evidence that proprietary will save us!

Posted Sep 18, 2003 15:31 UTC (Thu) by proski (subscriber, #104) [Link]

True, but that's the easier part. Verification of logic is much harder than checks to prevent deliberate contamination of the toolchain.

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds