The GnuPG bug illustrates the secure composition problem
Security systems are hard to implement.
The currently disclosed vulnerability that exists in applications using GnuPG illustrates what is referred to as the “secure composition” problem.
The secure composition problem states that you cannot be guaranteed a secure system composed of multiple, independently secure applications.
IE, if A is secure, and B is secure, if C = A + B, then C is not necessarily secure…
Here’s a great, detailed explanation of the flaw. Understanding the 4 attack vectors will help illustrate the complexity of building secure systems…
By Core Security Technologies:
CORE-2007-0115: GnuPG and GnuPG clients unsigned data injection vulnerability
Bill Gross