[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: rudeness in changelogs

* Steve Langasek:

[DJB's vulnerability research course]

> Considering the assignment AIUI was "find security holes",

I think the assignment was "find potential security holes and prove
that they are security holes, by writing exploits".  The first part is
easy, just compile any sufficiently obscure software with
-Wformat-literal (running RATS is also a good idea).  The second part
is harder.  Most of the time, it's easier to rewrite the code in
question so that it has no (obvious) security problem, potential or

Reply to: