Re: [fw-wiz] FWTK and smap/smapd
From: Marcus J. Ranum (mjr@ranum.com)
Date: 07/19/02
- Next message: Anton J Aylward, CISSP: "Re: [fw-wiz] FWTK and smap/smapd"
- Previous message: Devdas Bhagat: "Re: Spam prevention as security policy (was: Re: [fw-wiz] FWTK and smap/smapd)"
- In reply to: Joseph S D Yao: "Re: [fw-wiz] FWTK and smap/smapd"
- Next in thread: Anton J Aylward, CISSP: "Re: [fw-wiz] FWTK and smap/smapd"
- Reply: Anton J Aylward, CISSP: "Re: [fw-wiz] FWTK and smap/smapd"
- Reply: Paul D. Robertson: "Re: [fw-wiz] FWTK and smap/smapd"
- Reply: R. DuFresne: "Re: [fw-wiz] FWTK and smap/smapd"
- Reply: Joseph S D Yao: "Re: [fw-wiz] FWTK and smap/smapd"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: Joseph S D Yao <jsdy@center.osis.gov>
From: "Marcus J. Ranum" <mjr@ranum.com>
Date: Fri Jul 19 10:29:00 2002
Joseph S D Yao wrote:
>without
>commentary providing what you might call the specifications or design,
>or the social contract between the programmer and the user, there is
>nothing against which you can hold a piece of code and say, "THIS IS
>WRONG!" Code is amoral; it has an inherently situational ethic; such
>that even the grossest of buffer overflows can only lead us to conclude
>that the code does it, therefore the code does it. We must provide and
>communicate the moral absolutes against which the code is measured
>right or wrong. And we can communicate this on dead trees, or in
>living commentary.
Hmmm... you've convinced me. I hadn't looked at it from that
angle before.
I guess what was motivating my opinion was some awful early experiences
I had at a small security company where they had folks assigned to audit
UNIX/C code who didn't know anything about UNIX or C. That left an
indelible impression on me. :) In retrospect I'm sure it was just because
those staffers had billable hours to expend and that was it. But ever
since then I figured that if you gave people like that commented code
they'd _audit_ _the_ _comments_ and the whole process is pointless.
But you're right - what we're really talking about is checks and
balances. And if you just give code there's, well, just code...
I retract my previous comments on this topic!!! :) Where's the "undo"
button?!
mjr.
---
Marcus J. Ranum http://www.ranum.com
Computer and Communications Security mjr@ranum.com