:: Re: [DNG] Nasty Linux systemd secur…
Startseite
Nachricht löschen
Nachricht beantworten
Autor: Steve Litt
Datum:  
To: dng
Betreff: Re: [DNG] Nasty Linux systemd security bug revealed
Andreas Messer said on Mon, 26 Jul 2021 09:38:23 +0200


>My feeling is, that you can not simply teach someone how to write safe
>software.


Why not? You can teach a person to do anything else. But maybe not in
college, because college is built to make money, not to teach. Consider
the average textbook and compare to the average "For Dummies" book. The
former makes the subject matter look incredibly complex, justifying the
professor. The latter makes it easy to learn.

What is needed is a curated document explaining the five or ten or
twenty things you need to do to be secure, and then how to achieve them
in a practical world. Let's start with input field cleansing and
protection from errant pointers and buffer overflow. There are many
more: It takes some effort to learn, but I doubt it's rocket science
and one certainly doesn't need to come from a family who can fund
college plus living expenses for 4 years, or 7, or whatever.

SteveT

Steve Litt
Spring 2021 featured book: Troubleshooting Techniques of the Successful
Technologist http://www.troubleshooters.com/techniques