[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-Disclosure] Coding securely, was Linux (in)security
- To: Valdis.Kletnieks@vt.edu
- Subject: Re: [Full-Disclosure] Coding securely, was Linux (in)security
- From: Ben Laurie <ben@algroup.co.uk>
- Date: Wed, 29 Oct 2003 12:08:20 +0000
Valdis.Kletnieks@vt.edu wrote:
> On Tue, 28 Oct 2003 17:44:55 +1300, Steve Wray <steve.wray@paradise.net.nz>
> said:
>
>
>>Is it beyond all possibility that there exist languages in which
>>the very reverse is true? ie Languages in which one would have to
>>reimplement data types and so forth in order to be able to write
>>insecure code?
>>
>>Can there exist such a language?? I reckon so.
>
>
> No.
>
> All programming languages that are Turing-complete (basically, anything that
> has a conditional loop) are prone to the Turing Halting Problem.
>
> In other words, you can't prevent DoS-via-infinite-loop based on input.
Duh. That's a complete misunderstanding of the halting problem - which
is, in essence, that you can't write a program which can predict, in
general, whether another program will halt. Its perfectly possible to
write programs that are guaranteed to halt.
Cheers,
Ben.
--
http://www.apache-ssl.org/ben.html http://www.thebunker.net/
"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html