Actually KM has a valid point
Evaluated Code at the B2, B3 and A1 levels DOES include code review
for MAC control internal to the host (Which does include buffer
overwrites and stack overflows)
Persoal Opinion provided by
Gemini Computers Inc.
On Fri, 21 Feb 1997, Fir E. Walls wrote:
> > I also feel a discussion of multilevel security is valid and useful for those
> Great! Then enjoy a discussion, by all means.
> But the discussion of multi-level security which you find so interesting
> has little to do with my question (and I should know, since it is my
> However, since you appear to believe that my questions and technical
> interests are yours to hi-jack according to your agenda, then
> go ahead and start a thread on anything you wish.
> The discussion I am interesting in (since the original comment were
> mine) is buffer overflowing on the stack and what vendors are doing
> to insure this vunerability is mitigated in their code (period).
> > KM