Slashdot Mirror

← Back to Stories (view on slashdot.org)

Secure Programming in GNU/Linux Systems: Part I

Posted by ryuzaki0 on from the better-safe-than-sorry dept.

LNXPhreak writes "A new article on OSWeekly.com discusses secure programming in GPU/Linux systems in terms of programming talent and requirements. Quote: "A "secure program" is an application that sits on a security boundary, taking input from a source that does not have the same access rights as the program. Such programs include application programs used as viewers of remote data, web applications (including CGI scripts), network servers, and setuid/setgid programs."

2 of 64 comments (clear)

  1. Re:Unsafe Languages? by gowen · · Score: 5, Insightful

    Well that's strictly true, but you know what he's saying.
    The string handling functions of the standard C library make it very easy to write unsafe code.

    Similarly, a car with very bad brakes isn't intrinsically unsafe, as long as the cautious driver is prepared to take alternative precautions on ever bend. But if the driver makes an error (and everyone, yes, even you, will eventually make an error), he's going to end up wrapped around a tree.

    Even though other cars aren't safe in the hands of a bad driver, given that you will make mistakes, you'll have far fewer horrific crashes in a car with ABS.

    --
    Athletic Scholarships to universities make as much sense as academic scholarships to sports teams.
  2. Secure Programming... by ltning · · Score: 5, Funny

    ...in GNU/Linux systems: 1500 pages, 3 volumes. ...in Windows systems: Two words: "You don't".

    --
    Love over Gold.