Your post raises more questions than it answers.
Which CERN code base was checked? How many guys is several? Who were
they, and what experience do they have reviewing code? How much work
went into the 'checking'? Is there a paper on it? What kind of bugs
were they looking for?
The CERN stuff is pretty big. There's a lot of code there.
I've done a lot of code reviews, and have written guidelines for doing
it. (http://www.homeport.org/~adam/review.html). I've also reviewed
large packages, and missed things. For example, I was part of a team
that looked at Qmail fairly extensively. We were chartered to look at
it "as compared to sendmail." We didn't find a whole lot. One of the
things we didn't find is the DOS bug that Wietse found. (We did a
post mortem; have reasons that we missed it, including a rushed
atmosphere, other projects pre-empting qmail reviews, and a lack of
comments in the code so that we spent most of our time figuring out
what the code did, not if it did it right. But I digress.)
The point I'd like to make is that reviewing large packages of
code is hard, and that saying a couple of guys went through it and
found nothing worries me more than saying a couple of guys went
through it, found some bugs, and they've been fixed.
Adam
Stepken wrote:
| Mark 'segfault' Guzman wrote:
| >
| > On Fri, 17 Oct 1997, Stepken wrote:
| >
| > > Chris Pugrud wrote:
| > > >
| > > Apache is quite stable. You should let it run in a chroot() environment.
| > > For security purposes I really only trust CERN-HTTPD. It's the only
| > > one which is bullet proof.
| > Nothing is bullet proof. Also, I have never had a security problem with
| > sendmail; if you configure it right it doesn't lead to problems.
|
| CERN source-code was repeatedly checked by several guys and confirmed
| to have no serious bugs. CERN has existed for over 3 years now and has been found
| to be reliable. I call that bullet proof. Some weeks ago, there were
| alerts on sendmail, some serious threats, depending on the
| configuration. Buffer overflow bugs have not been tested really yet.
| Many programs are still vulnerable by undiscovered bugs.
|
| cu, Guido Stepken
|
--
"It is seldom that liberty of any kind is lost all at once."
-Hume