[Haskell-cafe] GHC 7.0.1 developer challenges
Nils Anders Danielsson
nad at Cs.Nott.AC.UK
Thu Nov 25 12:07:43 CET 2010
On 2010-11-25 01:59, John D. Ramsdell wrote:
> The irony of this situation is deep. CPSA is a program that analyzes
> cryptographic protocols in an effort to expose security flaws. To
> ensure that the program does not crash a user's machine, I have to use
> a linker option that may expose the user to some security problems.
Is CPSA intended to be run by untrusted users (for instance with the
setuid bit set)?
http://hackage.haskell.org/trac/ghc/ticket/3910
http://www.amateurtopologist.com/2010/04/23/security-vulnerability-in-haskell-with-cgi/
--
/NAD
More information about the Haskell-Cafe
mailing list