* Steve Langasek: [DJB's vulnerability research course]
> Considering the assignment AIUI was "find security holes", I think the assignment was "find potential security holes and prove that they are security holes, by writing exploits". The first part is easy, just compile any sufficiently obscure software with -Wformat-literal (running RATS is also a good idea). The second part is harder. Most of the time, it's easier to rewrite the code in question so that it has no (obvious) security problem, potential or not. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
