On Mon, 10 May 2004, Jeremy Pullicino wrote:
> Buffer overflows are a result of incompetent programming and not macro
> expansion so the DVP people are wrong on this point.

It's the result of incompetent programming with a dangerous language
such as C. While there are other things to screw up with bounds-checking
languages (like Python or the Perl reference implementation),
buffer overflows at least are eliminated.

The most common security problem I've seen with high-level language
implementations is passing shell meta-chars along to a shell, or
passing client data to an eval().
--
Stuart D. Gathman <stuart(_at_)bmsi(_dot_)com>
Business Management Systems Inc. Phone: 703 591-0911 Fax: 703 591-6154
"Confutatis maledictis, flamis acribus addictis" - background song for
a Microsoft sponsored "Where do you want to go from here?" commercial.
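
The two problems named in the reply above, each shown beside a hardened form. This is an added Python example, not part of the original message; the function names and the sample inputs are constructed for illustration.

```python
import ast
import subprocess

# Constructed client input: a file name followed by a shell metacharacter.
CLIENT_NAME = "report.txt; echo INJECTED"
# Constructed client input: a field meant to hold a number, carrying a call.
CLIENT_VALUE = "__import__('os').getpid()"


def echo_unsafe(name):
    """Vulnerable: client data is pasted into a string that /bin/sh parses."""
    out = subprocess.run("echo " + name, shell=True,
                         capture_output=True, text=True)
    return out.stdout.splitlines()


def echo_safe(name):
    """Hardened: argv list and no shell, so ';' stays inside one argument."""
    out = subprocess.run(["echo", name], capture_output=True, text=True)
    return out.stdout.splitlines()


def parse_unsafe(value):
    """Vulnerable: eval() executes whatever expression the client sent."""
    return eval(value)


def parse_safe(value):
    """Hardened: literal_eval accepts Python literals only, never calls."""
    try:
        return ast.literal_eval(value)
    except (ValueError, SyntaxError):
        return None  # reject anything that is not a plain literal


if __name__ == "__main__":
    print("shell string :", echo_unsafe(CLIENT_NAME))  # two commands ran
    print("argv list    :", echo_safe(CLIENT_NAME))    # one literal argument
    print("eval         :", type(parse_unsafe(CLIENT_VALUE)).__name__)
    print("literal_eval :", parse_safe(CLIENT_VALUE), parse_safe("42"))
```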