Re: "random" number seeds vs. Netscape
Nor is there anything inherently wrong with having sex without the use of a condom.
YES! Safe exec! Use software protection;) (Can you tell that when I read this I was LOL!?)
However, it is very difficult -- VERY DIFFICULT -- to prove to yourself that there is never an instance in which your system() or popen() can be abused.
Well...you can tell by looking, certainly that's not true when you need a condem;)
In any case, I find its often more prudent just to strip all these things out of my code. If you don't use them, you don't have to prove they are done properly. Paranoia is your friend. No one can ever break you for doing something you don't do.
That's true, I have to admit that I usually don't use them either. Once you know how they're coded up, and how little code is actually used, it seems silly anyway to call a popen or system and suffer the overhead of the function calls and the loss of control.
The problem arises when you use information given to you from outside as the argument to popen or system without checking it.
Yup, but often, you'd be suprised what turns out to be outside data.
You're singing to the choir. Sigh, Eric Allman's been several times surprised about what turned out to be outside data.
In any case, you obviously also understand why this is bad, but I hope that people out there understan -- always make sure that you are double extra careful about the use of such calls.
Thanks:) Patrick _______________________________________________________________________ / These opinions are mine, and not Verity's (except by coincidence;). \ | (\ | | Patrick J. Horgan Verity Inc. \\ Have | | patrick@verity.com 1550 Plymouth Street \\ _ Sword | | Phone : (415)960-7600 Mountain View \\/ Will | | FAX : (415)960-7750 California 94303 _/\\ Travel | \___________________________________________________________\)__________/
As a hardware type, I'd prefer a diode noise generator over a radioactivity detector. I'd hate for the Fort to be tempted to fudge the latter's output by flooding my house from a black helicopter... But lacking same.... Can you take the time between two effectively async events, and use the low order bits of same? For example, time between a netverk pack arriving and the next tick of the TOD clock? And/or the system's disk IO or such? Or: Choose a site at random. Ping it. Use low order bits of that time with something above. I'm sure most such schemes are not usable. But all it takes is one... -- A host is a host from coast to coast.................wb8foz@nrk.com & no one will talk to a host that's close........[v].(301) 56-LINUX Unless the host (that isn't close).........................pob 1433 is busy, hung or dead....................................20915-1433
-----BEGIN PGP SIGNED MESSAGE-----
As a hardware type, I'd prefer a diode noise generator over a radioactivity detector. I'd hate for the Fort to be tempted to fudge the latter's output by flooding my house from a black helicopter...
No, they'll just flood it with RF and force your diode to act as a detector - then they can feed you anything they like ;) I learned the hard way - keep the transmitters away from a reverse-biased doide acting as a noise generator. Only until I examined the output did I realize it wasn't random. I fixed it, though, by looking at the output and testing its randomness. - -- Ed Carp, N7EKG Ed.Carp@linux.org, ecarp@netcom.com 214/993-3935 voicemail/pager Finger ecarp@netcom.com for PGP 2.5 public key an88744@anon.penet.fi Q. What's the trouble with writing an MS-DOS program to emulate Clinton? A. Figuring out what to do with the other 639K of memory. -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBMGW/mSS9AwzY9LDxAQGc4gQAjwszSdrT188RrvbTnp9ywwJ99ppixEef V9m59O169LIh4YwIejicJbO7/zC5t99gs15ZnbTWXZim8r+04XrR3AFyRnQFTDfJ WmYmW6gHWR40xBxgVMFUydz9TsZqCxGb+iVQRTeteodgMr6x+zbJ0qa8FWy4UNLr iYfFbjH+okg= =Qv+f -----END PGP SIGNATURE-----
participants (3)
-
David Lesher -
Ed Carp [khijol SysAdmin] -
patrick@Verity.COM