[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] Coding securely, was Linux (in)security

To: full-disclosure@lists.netsys.com
Subject: Re: [Full-Disclosure] Coding securely, was Linux (in)security
From: Brett Hutley <brett@hutley.net>
Date: Thu, 30 Oct 2003 17:12:37 +1100

Steve Wray wrote:

*snip*

I think that most programmers approach programming, mentally if not practically, from the silicon upwards. They are not thinking so much about the logical structure of their programs, but of the effect of the program on the hardware that it runs on; they are viewing the program/computer something like a 'clockwork' machine and they are arranging the cogs and gears and things. This is just me guessing, I can't see inside other peoples heads. The approach I saw in functional languages was a linguistic approach; the program is a set of sentences in a formal language and one can use the tried and tested methods of algebra and formal logic to reason about a program and (importantly) to *calculate* program components from specifications.

These days I try and create programmatic constructs to match the linguistic way I think about the problem in my head. With OO-style languages like C++ or Java, some linguistic constructs come out as objects, others as methods.

At some point in most programs you need to deal with messy stuff like GUI's/user input or file parsing, etc. Then the bug of programming smacks into the windscreen of dealing with the hardware/software environment and you need to cope with all kinds of messy API's and error conditions. The next thing you know, the users have redefined their requirements, and all your nice programming abstractions are now completely obsolete *sigh*. That's one of the benefits of design patterns - they're a good source of abstractions that are flexible and long-lived.

I don't necessarily think that secure programming is *hard*, but it does take quite a bit of knowledge. Buffer overflows are only one issue against the larger backdrop of input validation. Having a good understanding of crypto is becoming more and more important... and with it being able to use a library like openssl. There's priviledge seperation, and temporary file issues. There's SSPI on Windows and Kerberos on Unix.... the list goes on and on. Fortunately there are some good books that have come out in the last few years that provide a good overview of sources of vulnerabilities and techniques for dealing with them. I quite like "Secure Programming Cookbook for C and C++" by Matt Messier and John Viega. These guys have started a website at http://www.secureprogramming.com/ .

Cheers, Brett
--
Brett Hutley [MAppFin,CISSP,SANS GCIH]
mailto:brett@hutley.net
http://hutley.net/brett


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

References:
- RE: [Full-Disclosure] Coding securely, was Linux (in)security
  - From: Steve Wray <steve.wray@paradise.net.nz>

Prev by Date: RE: [Full-Disclosure] Coding securely, was Linux (in)security
Next by Date: Re: [Full-Disclosure] Coding securely, was Linux (in)security
Previous by thread: RE: [Full-Disclosure] Coding securely, was Linux (in)security
Next by thread: Re: [Full-Disclosure] Coding securely, was Linux (in)security
Index(es):
- Date
- Thread