Deutsch   English   Français   Italiano  
<wwv8qlla671.fsf@LkoBDZeT.terraraq.uk>

View for Bookmarking (what is this?)
Look up another Usenet article 
Path: news.eternal-september.org!eternal-september.org!feeder3.eternal-september.org!nntp-feed.chiark.greenend.org.uk!ewrotcd!nntp.terraraq.uk!.POSTED.tunnel.sfere.anjou.terraraq.org.uk!not-for-mail
From: Richard Kettlewell <invalid@invalid.invalid>
Newsgroups: comp.os.linux.misc
Subject: Re: VMS
Date: Sat, 21 Jun 2025 08:45:38 +0100
Organization: terraraq NNTP server
Message-ID: <wwv8qlla671.fsf@LkoBDZeT.terraraq.uk>
References: <wCqdnYde9MIbmND1nZ2dnZfqnPadnZ2d@giganews.com>
	<102ka4k$9umt$2@dont-email.me> <87tt4i9nw5.fsf@eder.anydns.info>
	<102l0h9$fjtb$5@dont-email.me>
	<Z2udned3u9ZgqtP1nZ2dnZfqnPudnZ2d@giganews.com>
	<slrn1054j9c.3ce8.candycanearter07@candydeb.host.invalid>
	<PpudnVnCnvuYxc_1nZ2dnZfqnPudnZ2d@giganews.com>
	<wwva564xjps.fsf@LkoBDZeT.terraraq.uk>
	<4_GdncCsf-Nqe8n1nZ2dnZfqnPSdnZ2d@giganews.com>
	<10338ls$lpbg$4@dont-email.me>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
Injection-Info: innmantic.terraraq.uk; posting-host="tunnel.sfere.anjou.terraraq.org.uk:172.17.207.6";
	logging-data="157564"; mail-complaints-to="usenet@innmantic.terraraq.uk"
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/28.2 (gnu/linux)
Cancel-Lock: sha1:6yv4mLudmTb8+EIZQn3bdC+ZLQU=
X-Face: h[Hh-7npe<<b4/eW[]sat,I3O`t8A`(ej.H!F4\8|;ih)`7{@:A~/j1}gTt4e7-n*F?.Rl^
     F<\{jehn7.KrO{!7=:(@J~]<.[{>v9!1<qZY,{EJxg6?Er4Y7Ng2\Ft>Z&W?r\c.!4DXH5PWpga"ha
     +r0NzP?vnz:e/knOY)PI-
X-Boydie: NO

The Natural Philosopher <tnp@invalid.invalid> writes:
> On 20/06/2025 05:43, c186282 wrote:

>>> The software industry has been trying this for decades now. It does
>>> not work.
>>    At some point, soon, they need to start flagging
>>    the unsafe functions as ERRORS, not just WARNINGS.
>
> The problem is that C was designed by two smart people to run on small
> hardware for use by other  smart people.

Well, maybe, but the original Unix team still ended up with buffer
overruns in their code. There’s a famous one in V7 mkdir, which ran with
elevated privileged due to the inadequate kernel API. I’ve not tried to
exploit it but it’s a pretty straightforward array overrun so almost
certainly exploitable to escalate from a mortal user to root.

-- 
https://www.greenend.org.uk/rjk/