|
|
|
|
|
|
by unused0
2449 days ago
|
|
|
I would argue that Multics security was due more to the ring and gate hardware architecture, that security was designed into the software from day 0 (rather then being grafted in afterwards), and code review practices. Reading the Multics B2 security analysis reveals that the review team did find security holes in Multics which were fixed as part of the review process. Recently, a buffer overflow vulnerability was found in the Multics CKermit implementation, despite it's being written in PL/I. Security is hard, and is achieved through good programming, not by (just) trusting tools. |
|
|
I guess it was in unsafe code with disabled bounds checking, which in C is every line of code.