[tptacek]

One of the major points of the qmail paper is that the structural locked down approach wasn't successful.

(I disagree with the paper in this regard, but it's a weird thing to hang your argument against vulnerability research on).

Georgi Guninski would have a thing or two to say about the applicability of vulnerability research to djb software.

[eduction]

Hi, that’s an interesting assertion but not actually accurate. It is vaguely related to the truth; djb acknowledges that qmail failed to partition in the way he advocates in the paper but says it survived without serious security issues for other reasons:

“ I failed to place any of the qmail code into untrusted pris- ons. Bugs anywhere in the code could have been security holes. The way that qmail survived this failure was by hav- ing very few bugs, as discussed in Sections 3 and 4.”

That’s very different from saying the approach wasn’t successful. It was just not tried (by him). My point is it has been tried in other ways since and seems to be working. To me at least!

(Also you took something I put in parens midway through my post with the opening words “see also” and said I “hang” my argument on it - ok, again interesting, not taking it personally as I’m sure you didn’t mean anything by it!)

[tptacek]

It didn't "survive" in that manner: it wasn't LP64 clean, and had memory corruption vulnerabilities.

[eduction]

You described something the qmail paper said and I corrected you. If the paper is inaccurate that’s orthogonal.

[tptacek]

You're also incorrect about the paper.

Really, the whole argument you're making --- the reason we're talking about Bernstein in the first place --- is broken. Bernstein himself would probably not agree with the take you're trying to derive from the relationship between his work and "enumerating badness".