C Community's Cavalier Attitude On Software Reliability
Karl Heuer
karl at haddock.ima.isc.com
Mon Mar 5 13:07:18 AEST 1990
In article <8230 at hubcap.clemson.edu> billwolf%hazel.cs.clemson.edu at hubcap.clemson.edu writes:
> 1) Unix. (Example: the problem in which the double-length password
> was used by an intruder to bypass security, taking
> advantage of C's lack of boundary checking)
Every instance that I can think of where a password is required, getpass() is
used. This routine does its own bounds-checking. I don't suppose you have
any more data about this incident?
Karl W. Z. Heuer (karl at ima.ima.isc.com or harvard!ima!karl), The Walking Lint
More information about the Comp.lang.c
mailing list