Secure Programming
viega writes "Matt Messier and I have just launched a secure programming web site. While this site does support our new book The Secure Programming Cookbook for C and C++, it also serves as a thorough resource for developers. It has numerous links to articles and other topical resources, new recipes that demonstrate secure programming techniques, a large glossary, and the obligatory web log. We accept outside submissions, and will reward the best recipe submission each month -- O'Reilly will publish it on the O'Reilly Network web site and will give the author a free book. There's already a decent amount of new content, including recipes on avoiding malloc()/new-related integer overflows, watching out for security problems in API differences, and issues when truncating data. There's also an RSS feed for the web log."
It's a good idea to have resources that are committed to security. Although some will claim that languages such as Java or C# prevent security issues, this is simply not true - there are many avenues to building security weaknesses... and those that think they're safe merely by using a particular programming language are in for a nasty surprise.
Of course, a web site and a few books won't prevent security issues - but the more it gets the word out about good programming practices, the better!
---
Herb Chambers - where my nightmare came true!
Are you somehow recommending a kernel be written in something else than C??? Sure, not all systems software is kernel mode C, but you have to realize that unless the underlying infrastructure is built (on some low level language), you can't have high level languages... in other words, the bottom line is Assembly. You have to build your way to it.
Now that said, the buffer overflow isn't the only security hole in the world, in fact more security holes come from very very high level, very abstract programming fallacies... such as for example the cookie exploit (it's a logical bug) that Hotmail had a while back.
All this being said, I feel like a dirty karma whore right now (feeling the slimy breath of modders down my neck), so I'll say it right out: I'M PRO MICROSOFT.
<runs for cover>
use a language that was specifically designed with security in mind
like say, Ada
oh yeah, let the negative moderation begin
because programmers can't stand being held by the hand
too big ego
They happen because A) most code is written in C or C++, and B) everyone makes mistakes (even the finest open source developers overlook simple buffer overflows).
That's not true. qmail and djbdns do not have security holes. They were written using secure coding techniques that make them immune to things like buffer overflows. You can't "overlook" a buffer overflow with stralloc.
This is just silly - existing commercial Lisps compile to machine code, same as C, or Fortran, or Ada, etc. Current Lisp implementations run on stock hardware, on all the major platforms - Windows (XP, ME, NT, 9x, DOS), Linux (ix86, sparc, ppc), Mac OS X (and Classic), and various Unices.
OS kernels are not written in lisp because Unix was written in C, so everyone mistakenly believed that C was *the* language for OS kernel implementation. However, this is simply not so. Any language compiler that can generate machine code can be used to write an OS kernel.
I recommend Python.
Open source, expressive (very short code can achieve a lot), readable (very short expressive code is easily grokked -- fewer bugs), no direct pointer manipulation (safe -- fewer bugs), integrates nicely with other languages, runs on a variety of platforms, very easy to learn.
1. Create your own malloc/free new/delete heap. This heap should always have blocks of 0's interspersed throughout and a 1K walled block of 0's at the end of the heap. Any programming errors may result in garbage, but it won't result in injected code vulnerabilities.
2. No direct DB access technology on your web service front ends. If your web UI code has SQL in it, you're doing something wrong. Your Web GUI should access an intermediate layer, instead. UI is notoriously easy to compromise, and the best way to make SQL injection attacks is to not have SQL directly beneath the button your users are playing with.
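An added illustration of the intermediate-layer point in item 2 above; this is not code from the comment or from the book. It is a small Python data-access layer over an in-memory SQLite table seeded with constructed sample rows, showing the string-built query a front end might embed beside the parameterized lookup the layer exposes instead.

```python
import sqlite3

# Constructed sample data: two users, one of them an administrator.
SAMPLE_USERS = [("alice", "alice@example.test", 0), ("root", "root@example.test", 1)]


def open_db():
    """Build an in-memory SQLite database seeded with the constructed rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT, email TEXT, is_admin INTEGER)")
    conn.executemany("INSERT INTO users VALUES (?, ?, ?)", SAMPLE_USERS)
    return conn


def lookup_email_inline_sql(conn, name):
    """What happens when the web UI builds SQL itself: the user-controlled
    name is spliced into the statement text, so the input shapes the query."""
    sql = "SELECT email FROM users WHERE name = '" + name + "'"
    return [row[0] for row in conn.execute(sql)]


def lookup_email(conn, name):
    """Data-access layer entry point. The statement is fixed; the driver
    binds `name` as a value, so it can only ever be compared against names."""
    rows = conn.execute("SELECT email FROM users WHERE name = ?", (name,))
    return [row[0] for row in rows]


def compare(name):
    """Run both lookups on the same input; returns (inline_rows, layer_rows)."""
    conn = open_db()
    try:
        return lookup_email_inline_sql(conn, name), lookup_email(conn, name)
    finally:
        conn.close()


if __name__ == "__main__":
    print(compare("alice"))         # both sides return ['alice@example.test']
    print(compare("x' OR '1'='1"))  # inline SQL returns every email; the layer returns []
```

The second call is the classic textbook case: the concatenated statement turns the quoted input into an always-true predicate, while the bound parameter is simply a name that matches nothing.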