:: Re: [DNG] Nasty Linux systemd secur…
Forside
Slet denne besked
Besvar denne besked
Skribent: Hendrik Boom
Dato:  
Til: dng
Emne: Re: [DNG] Nasty Linux systemd security bug revealed
On Mon, Jul 26, 2021 at 11:48:53AM -0400, Steve Litt wrote:
> Andreas Messer said on Mon, 26 Jul 2021 09:38:23 +0200
>
>
> >My feeling is, that you can not simply teach someone how to write safe
> >software.
>
> Why not? You can teach a person to do anything else. But maybe not in
> college, because college is built to make money, not to teach. Consider
> the average textbook and compare to the average "For Dummies" book. The
> former makes the subject matter look incredibly complex, justifying the
> professor. The latter makes it easy to learn.
>
> What is needed is a curated document explaining the five or ten or
> twenty things you need to do to be secure, and then how to achieve them
> in a practical world. Let's start with input field cleansing and
> protection from errant pointers and buffer overflow. There are many
> more:


Knowing you, you probably already have a draft of such a document
lying around.

-- hendrik

> It takes some effort to learn, but I doubt it's rocket science
> and one certainly doesn't need to come from a family who can fund
> college plus living expenses for 4 years, or 7, or whatever.
>
> SteveT
>
> Steve Litt
> Spring 2021 featured book: Troubleshooting Techniques of the Successful
> Technologist http://www.troubleshooters.com/techniques
> _______________________________________________
> Dng mailing list
> Dng@???
> https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng