security

classpath

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

security

From:	Andrew Haley
Subject:	security
Date:	Mon, 1 Mar 2004 11:05:45 +0000

Johan Peeters writes:
 > at FOSDEM, we discussed how I might help to improve free Java's 
 > security. It seems to me that, for the edifice to be secure, the 
 > native layer's security is absolutely essential. I scanned the native 
 > directory with RATS (Rough Auditing Tool for Security - 
 > http://securesoftware.com) and found a few potential vulnerabilities, 
 > e.g. regarding the use of strcpy, fprintf, getenv and sprintf. Is 
 > this worth investigating further, or has it been covered?

I would have thought this very much worth investigating.  However,
Classpath is used with a number of native layers, all very different.

Andrew.

[Prev in Thread]

Current Thread

[Next in Thread]

security, Johan Peeters, 2004/03/01
- Re: security, Michael Koch, 2004/03/01
- Re: security, Patrik Reali, 2004/03/01
- security, Andrew Haley <=

Prev by Date: Re: Query on stacktrace management logic
Next by Date: Re: Fixing 'make distcheck' w/ newer tar - autotools usage problem?
Previous by thread: Re: security
Next by thread: Re: Query on stacktrace management logic
Index(es):
- Date
- Thread