> Here is what I mean when I say if it is unix it is a sieve...
[Entire 8lgm advisory deleted]
Well, I think that the problem is that too many people arent taught proper
programming to begin with.. Almost every hole that has come out in the last
2 or 3 years is because people that wrote programs assume that all data is
This hole that was mentioned was a prime example of that.. All data is valid,
so dont check for size.. If programmers start assuming that all data is
invalid, until proven valid, then security will be a lot easier to manage..
The idea of 'error checking' implies that you check for errors, not checking
Just my opinion..