To print: Click here or Select File and then Print from your browser's menu

This story was printed from silicon.com, located at http://www.silicon.com/

Story URL: http://software.silicon.com/os/0,39024651,39126619,00.htm

Students find 44 Unix flaws
Who says all they do at uni these days is sleep and drink?

By Robert Lemos

Published: Friday 17 December 2004

Students of iconoclastic computer scientist Daniel Bernstein have found some 44 security flaws in various Unix applications, according to a list of advisories posted online.

The flaws, which range from minor slip-ups in rarely used applications to more serious vulnerabilities in software that ships with most versions of the Linux operating system, were found as part of Bernstein's graduate-level course at the University of Illinois at Chicago.

The advisories regarding the flaws were dated Wednesday and can be found on the website of student James Longstreet. Bernstein, a professor of computer science at the university, did not immediately respond to inquiries about the vulnerabilities.

The latest crop of security flaws comes two days after a software-testing company announced that it had found 985 flaws in the latest Linux kernel during the past four years using the company's analysis software. While the number seems high, the company said it is far lower than the number associated with most commercial software.

Each person in the class during the autumn semester had to find 10 flaws, a task that counted toward 60 percent of their grade for the class, according to class notes posted on Bernstein's website. With only 44 flaws discovered among a reported 25 students, the students better hope for a generous curve.

Robert Lemos writes for CNET News.com.