ietf

Re: Should IETF do more to fight computer crime?

2000-05-22 20:00:02
On Tue, 23 May 2000 03:13:33 +0200, Jacob Palme <jpalme(_at_)dsv(_dot_)su(_dot_)se> said:
> That would mean that every time you execute any program, you would
> have to get an analysis of its possible harmful effects and decide
> whether to accept it. Possibly, the system could be designed so
> that a checksum is stored with every executable program, and you
> do not have to answer this question if the checksum has not
> changed since the last time you executed the same program.

This idea isn't as secure as it seems.  For any given useful
program 'foobar' that you are invoking again, you probably have
different input data (otherwise, why are you bothering running
it again to get the same result as last time? ;)

Remember that in 98% of the now-boring 'Yet Another Buffer Overflow'
cases, the checksum and permitted actions for the program were
unchanged, had been unchanged for possibly YEARS - but the program
coughs up a hairball when stressed with different input data.

                                Valdis Kletnieks
                                Operating Systems Analyst
                                Virginia Tech
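
The point of the reply above, as an added example that is not part of the original message: a checksum gate is computed over the program's bytes only, so it gives the same answer for benign and oversized input, and only a bounds check inside the program tells them apart. The program image, the 16-byte buffer, the FNV-1a checksum and all function names are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed stand-in for the bytes of the executable 'foobar' on disk. */
static const unsigned char IMAGE[] = "foobar 1.0 (constructed program bytes)";
#define NAME_BUF 16   /* fixed buffer inside the program (assumed size) */

/* FNV-1a over the program image; the input data is never part of it. */
uint32_t image_checksum(void) {
    uint32_t h = 2166136261u;
    for (size_t i = 0; i < sizeof IMAGE; i++) { h ^= IMAGE[i]; h *= 16777619u; }
    return h;
}

/* Gate from the quoted proposal: run without asking if the checksum is unchanged. */
int gate_allows(uint32_t stored) { return image_checksum() == stored; }

/* Bytes an unchecked strcpy(name, input) would write past name[NAME_BUF]. */
size_t bytes_past_buffer(const char *input) {
    size_t need = strlen(input) + 1;          /* include the terminating NUL */
    return need > NAME_BUF ? need - NAME_BUF : 0;
}

/* Bounded handling: refuse input that does not fit. 0 = ok, -1 = rejected. */
int handle_input(const char *input, char out[NAME_BUF]) {
    size_t n = strlen(input);
    if (n >= NAME_BUF) return -1;
    memcpy(out, input, n + 1);
    return 0;
}

int main(void) {
    /* Constructed inputs: one that fits, one of 40 characters. */
    const char *inputs[] = { "alice", "0123456789012345678901234567890123456789" };
    uint32_t stored = image_checksum();       /* recorded at first approval */
    char name[NAME_BUF];
    for (int i = 0; i < 2; i++)
        printf("len=%zu gate=%d past=%zu bounded=%d\n", strlen(inputs[i]),
               gate_allows(stored), bytes_past_buffer(inputs[i]),
               handle_input(inputs[i], name));
    return 0;
}
```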