Article delegate-en/1290 of [1-5169] on the server localhost:119
[Reference:<_A1289@delegate-en.ML_>]
Newsgroups: mail-lists.delegate-en

[DeleGate-En] Re: security implications
15 Aug 2001 05:20:53 GMT feedback@delegate.org (Yutaka Sato)


On 08/14/01(23:40) you "Uzoka, Afam" <pbecqbdyi-yavwm67cvvxr.ml@ml.delegate.org> wrote
in <_A1289@delegate-en.ML_>
 |I'm trying to find a means of enabling our clients to use ssl via a proxy
 |like Delegate.  It will run on a Linux server.  However, what are the
 |security problems associated with Delegate?  In other words, does it have any
 |buffer overflow issues?  From what I have researched on the net, Delegate is
 |not to be trusted at all because of bugs (overflow issues) that make the
 |product a security hazard.  However, the articles read were about 2 years old.

I've fixed any remotely exploitable buffer overflows as soon as I got
reports about them, but I don't guarantee that no overflows remain.
Maybe there are overflows as long as I'm using the programming language
which allows buffers to overflow.  Thus I've introduced defense mechanisms
which protect overflows from being utilized by attackers.  The main
mechanism is randomizing any addresses of program elements, that is, code
and data in the static or dynamic area.
See the reference manual for more details:
<URL:http://www.delegate.org/delegate/Manual.htm#defense>

Cheers,
Yutaka
--
  @ @ Yutaka Sato <y.sato@delegate.org> http://www.delegate.org/y.sato/
 ( - ) National Institute of Advanced Industrial Science and Technology (AIST)
_<   >_ 1-1-4 Umezono, Tsukuba, Ibaraki, 305-8568 Japan
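
One way to check, from outside the process, whether code and data addresses really differ between runs as the reply above describes (an added example, not part of the original post and not DeleGate's code). It compares `/proc/<pid>/maps` snapshots from two runs on Linux; the snapshots, the path `/opt/example/proxyd` and the function names are constructed for illustration.

```python
# Added example: compare /proc/<pid>/maps snapshots from two runs of one
# binary and list the regions whose base address did not move.
# All snapshots and the path below are constructed sample data.
BINARY = "/opt/example/proxyd"  # hypothetical path

PIE_RUN1 = """55d0a1c00000-55d0a1c9a000 r-xp 00000000 08:01 1311 /opt/example/proxyd
55d0a1e99000-55d0a1ea4000 rw-p 00099000 08:01 1311 /opt/example/proxyd
55d0a2f31000-55d0a2f52000 rw-p 00000000 00:00 0 [heap]
7ffd3a1e0000-7ffd3a201000 rw-p 00000000 00:00 0 [stack]"""
PIE_RUN2 = """5630f7400000-5630f749a000 r-xp 00000000 08:01 1311 /opt/example/proxyd
5630f7699000-5630f76a4000 rw-p 00099000 08:01 1311 /opt/example/proxyd
5630f8a10000-5630f8a31000 rw-p 00000000 00:00 0 [heap]
7ffe91c40000-7ffe91c61000 rw-p 00000000 00:00 0 [stack]"""
# Constructed non-PIE build: heap and stack move, code and data do not.
FIXED_RUN1 = """00400000-0049a000 r-xp 00000000 08:01 1311 /opt/example/proxyd
00699000-006a4000 rw-p 00099000 08:01 1311 /opt/example/proxyd
01c3b000-01c5c000 rw-p 00000000 00:00 0 [heap]
7ffc5d2a0000-7ffc5d2c1000 rw-p 00000000 00:00 0 [stack]"""
FIXED_RUN2 = """00400000-0049a000 r-xp 00000000 08:01 1311 /opt/example/proxyd
00699000-006a4000 rw-p 00099000 08:01 1311 /opt/example/proxyd
0223e000-0225f000 rw-p 00000000 00:00 0 [heap]
7fff0b110000-7fff0b131000 rw-p 00000000 00:00 0 [stack]"""

def region_bases(maps_text, binary):
    """Return {region: lowest start address} for code, data, heap, stack."""
    bases = {}
    for line in maps_text.splitlines():
        fields = line.split(None, 5)
        if len(fields) < 6:
            continue  # unnamed anonymous mapping
        span, perms, name = fields[0], fields[1], fields[5].strip()
        if name == binary:
            label = "code" if "x" in perms else "data"
        elif name in ("[heap]", "[stack]"):
            label = name.strip("[]")
        else:
            continue  # shared libraries etc. are out of scope here
        start = int(span.split("-")[0], 16)
        bases[label] = min(start, bases.get(label, start))
    return bases

def fixed_regions(run1, run2, binary):
    """Regions present in both runs whose base address is identical."""
    a, b = region_bases(run1, binary), region_bases(run2, binary)
    return sorted(r for r in a if r in b and a[r] == b[r])

if __name__ == "__main__":
    print("PIE build, fixed regions:", fixed_regions(PIE_RUN1, PIE_RUN2, BINARY))
    print("non-PIE build, fixed regions:", fixed_regions(FIXED_RUN1, FIXED_RUN2, BINARY))
```

Any region this reports as fixed still sits at a predictable address, so two snapshots that agree on `code` or `data` mean the randomization does not cover the static areas of that build.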
