[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: OpenLDAP-specific API

To: <hyc@highlandsun.com>
Subject: RE: OpenLDAP-specific API
From: "Pierangelo Masarati" <ando@sys-net.it>
Date: Fri, 14 Mar 2003 09:41:14 +0100 (CET)
Cc: <daveh@ci.com.au>, <openldap-software@OpenLDAP.org>
Importance: Normal
In-reply-to: <008c01c2e9ba$43504c80$0e01a8c0@CELLO>
References: <20030314085210.D8543@mippet.ci.com.au> <008c01c2e9ba$43504c80$0e01a8c0@CELLO>

>> -----Original Message-----
>> From: owner-openldap-software@OpenLDAP.org
>> [mailto:owner-openldap-software@OpenLDAP.org]On Behalf Of Dave
>> Horsfall
>
>> > The rule for the OpenLDAP project is correctness first,
>> > performance second.
>>
>> I'd rather see security ahead of correctness, or is that just me?
>> Your code can be both correct and fast, but it's useless to me if it
>> opens up a potential attack.
>
> I think you missed the point of my post. Code that is vulnerable to
> buffer overrun attacks cannot by any measure be considered correct. In
> that respect, security and correctness are one and the same. I was not
> defining
> "correctness" in my previous post.

I think we can agree on considering "secure" a subset of "correct":
an incorrect code is by no means secure.

Ando.

-- 
Pierangelo Masarati
mailto:pierangelo.masarati@sys-net.it

References:
- Re: OpenLDAP-specific API
  - From: Dave Horsfall <daveh@ci.com.au>
- RE: OpenLDAP-specific API
  - From: "Howard Chu" <hyc@highlandsun.com>

Prev by Date: Re: Schema for Postfix
Next by Date: entry unique ID
Index(es):
- Chronological
- Thread