openssh and defensive programming (or lack thereof)

Theo de Raadt deraadt at cvs.openbsd.org
Wed Dec 19 10:41:17 EST 2001


Let me be even more clear.

You are basically suggesting that we add "close all file descriptor"
loops to every daemon in our source tree.

For some reason, even when we firmly believe in not using such
"defensive programming" techniques, we have been doing better than the
entire industry.  Perhaps because we don't rely on such code-clogging
techniques, but read and re-read the source code.



More information about the openssh-unix-dev mailing list