Security is the bits you disable before you ship

Florian Weimer fw at
Tue Mar 15 15:36:22 EST 2005

* Peter Gutmann quotes CNET:

>   GCC 4.0 also introduces a security feature called Mudflap,  [...]

> So you have an interesting definition of a security feature as "the
> bit you disable before the product goes into the environment where
> it'll be subject to attack".

Actually, mudflap is not a security feature (and I'd be surprised if
Mark claimed it was).  It's a debugging tool, not a silver bullet.
mudflap simply wasn't designed to stop buffer overflow exploits (or to
make them at least somewhat harder), but to find memory management

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at

More information about the cryptography mailing list