undefined | Better HN

0 pointspjmlp3y ago0 comments

Do you know one of the reasons why Multics had a better security score than UNIX on DoD assement?

PL/I does bounds checking by default.

0 comments

For reals. The fact that C toolchains have never even offered a bullet-proof bounds-checked (no UB) mode, no matter what the slowdown, boggles the mind. For something like sudo, literally running 100x slower would not be an issue. Its highest priority should be security.

pjmlpOP3y ago

I have come to conclude that WG14 literally doesn't care about security, for them C should stay as a kind of portable macro assembler with amenities, and the same security guarantees as writing raw Assembly code.

Even the pseudo secure Annex K, requires separate arguments for actual length and max buffer length, thus defeating the purpose of being library functions for secure code.

Just having one of the many libraries that provide secure strings and vector handling, so that libraries can rely on a common vocabulary types would be an improvement.

encryptluks23y ago

100x slower would definitely be an issue. I am prompted for my sudo password probably 30x daily.

kaba03y ago

Come on, wtf? Your computer can literally emulate another architecture in real time and you think sudo 100x slower would be humanly sensible? Computers literally wait eons for human inputs in the majority of times.

I assume you actually think that sudo takes the time it does, but you just likely entered your password wrong and are made to wait deliberately through a sleep. Are we really that bad at ball parking code execution times?!

andrewaylett3y ago

I just checked, and on the machine I'm sitting at 100x slower would mean it took 0.1s of CPU time.

bee_rider3y ago

How long does sudo take to load on your system. Multiply that by 3000, is it really a noticeable number?

Izkata3y ago

Seems to float around 0.005s (using "time sudo -k" to avoid timing user input), so yeah, x3000 = 15 seconds. Very noticeable.

Or even the x100 from (G)GP, that's a half second. Sometimes spiking to a full second.

4 more replies

j / k navigate · click thread line to collapse