Re: How to develop a random number generation device

On Sun, 16 Sep 2007 18:45:03 +0000, Rich Grise wrote:

On Sat, 15 Sep 2007 18:31:41 +0100, Nobody wrote:

If it helps, that question can be rephrased as whether an OS (any OS)
can "make unsafe code impossible", which is a different property to either
of those given.

The answer is "Yes, with proper hardware support".

The answer is "No, regardless of hardware support".

Why is it that for three days now, you've been resisting accepting the
right answer?

I should ask the same of you.

Or, avoiding loaded terms like "right answer" ...

Why is it that for three days now, you've been resisting accepting that
the problem with "buffer overruns" isn't about segfaults (they aren't a
problem; process misbehaves, process gets SIGSEGV, process dies; good
riddance), it's about intra-process overruns.

Look at the Wikipedia article for "buffer overrun". Or search the BugTraq
archives for that term. This isn't about process isolation, it's about a
process trashing its own memory in response to "bad" input.

Windowholic? ;-)

Checked my User-Agent headers? ;-)

FWIW, I use both Linux and XP; Linux if I can, XP if I have to.

I'm by no means enamoured of Windows, but suggesting that it lacks the
process isolation found in Linux or MacOSX is incorrect (95/98/ME were
partially lacking in this regard, but not the NT/2K/XP branch). Windows
has plenty of problems, but lack of memory protection isn't one of them.

If you think that the "buffer overrun" problem is somehow specific to
Windows, try searching for "buffer overrun" and "buffer overflow" along
with "linux". Or take a glance at the GLSA list:

http://www.xatrix.org/advisories.php?s=Gentoo


.

Relevant Pages