Re: The Register: OpenVMS among most-secure of operating systems
From: Bob Ceculski (bob_at_instantwhip.com)
Date: 01/09/04
- Next message: DaviS*: "Re: Vaxstation some question..."
- Previous message: Bob Ceculski: "Re: The Register: OpenVMS among most-secure of operating systems"
- In reply to: Andrew Harrison SUNUK Consultancy: "Re: The Register: OpenVMS among most-secure of operating systems"
- Next in thread: Wayne Sewell: "Re: The Register: OpenVMS among most-secure of operating systems"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: 9 Jan 2004 06:16:00 -0800
Andrew Harrison SUNUK Consultancy <Andrew_No.Harrison_No@nospamn.sun.com> wrote in message news:<btk2br$a43$1@new-usenet.uk.sun.com>...
"The other significant feature of these operating systems is the
language in which they are written. The two from IBM are both written
in assembler and OpenVMS uses a range of about ten languages, one of
which is C.
C and similar languages that use pass-by-value techniques are
exceptionally prone to buffer overflow and the consequent potential
for unauthorized users to execute either their own malicious code or
other programs which run with enhanced access privileges. Avoiding the
use of these languages at the most vulnerable points, namely user I/O
and network I/O, would appear to be wise. Linux, Unix and Windows are
almost entirely written in C, and most of their middleware and
application software is also in these vulnerable languages, so it
should come as no surprise that they are less secure than OpenVMS,
OS/400 and zOS.
The other operating system that had very few vulnerabilities is
Apple's OS 9, with the Secunia database showing just one in 2003 and
none in 2002. Again this is a proprietary operating system and the
decisions and integration of security rest with one organisation which
does not have to concern itself with compatibility with other vendors.
Apple recently moved to a Unix-based operating system, OS X, and the
24 vulnerabilities reported for it by Secunia in 2003 are a very
telling comment."
- Next message: DaviS*: "Re: Vaxstation some question..."
- Previous message: Bob Ceculski: "Re: The Register: OpenVMS among most-secure of operating systems"
- In reply to: Andrew Harrison SUNUK Consultancy: "Re: The Register: OpenVMS among most-secure of operating systems"
- Next in thread: Wayne Sewell: "Re: The Register: OpenVMS among most-secure of operating systems"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
