at FOSDEM, we discussed how I might help to improve free Java's
security. It seems to me that, for the edifice to be secure, the
native layer's security is absolutely essential. I scanned the native
directory with RATS (Rough Auditing Tool for Security -
http://securesoftware.com) and found a few potential vulnerabilities,
e.g. regarding the use of strcpy, fprintf, getenv and sprintf. Is
this worth investigating further, or has it been covered?
kr,
Yo
--
Johan Peeters bvba
software architecture services
tel:+32 16 64900
http://www.johanpeeters.com
_______________________________________________
Classpath mailing list
address@hidden
http://mail.gnu.org/mailman/listinfo/classpath