"a skilled backdoor-writer can defeat skilled auditors"?
On 2014-06-04, 09:46, coderman wrote:
> there is a significant difference between engineering for safety,
> conservatively, and sloppy, error-prone techniques indicating haste
> and carelessness.
> 
> pointer arithmetic in C may be unavoidable, yet using it
> consistently with thoughtfulness and robustness is always a great
> idea.

Absolutely. My gripe was with the "automatic fail" of the OP.  It's
perfectly fine to say "this code doesn't look as if it was engineered
for safety and you should consider rewriting it", and you can say "I
can't audit this code, it's too complex for me", but you can't, IMHO,
say "I fail this code's audit because it has a number of code smells"
unless absence of code smells was a design requirement or there is
evidence that these code smells are associated with security problems.

Fun,

Stephan
--