On Fri, Sep 05, 2003 at 01:25:24PM +0100, John Bradford wrote:
> > > Are there any buffer overflows or other security holes?
> > > How can you be sure about it?
> >
> > How can you be sure? Mathematical program verification applies quite badly
> > to assembler.
> 
> The point is, if somebody does find a bug they will want to
> re-assemble with Gas after they've fixed it.

If you referring to my precompiled masm binaries, yes, if one wants to
change the source, getting masm is not nice.

But if the source is writting in nasm, nasm (LGPL) can be installed
easily.. 

However, the kernel folks seem to dislike to depend on an additional tool.
Actually that's the answer to my original question. Now I just have to
ponder if I favour the preferences of the kernel over the prefs of user space
programs. There are lots of user space crypto implementations, which are
potential candidates.. and for theses apps an additional dependency on nasm
is no problem.

Regards, Clemens