Slashdot Mirror


How Do You Know Your Code is Secure?

bvc writes "Marcus Ranum notes that 'It's really hard to tell the difference between a program that works and one that just appears to work.' He explains that he just recently found a buffer overflow in Firewall Toolkit (FWTK), code that he wrote back in 1994. How do you go about making sure your code is secure? Especially if you have to write in a language like C or C++?"
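Ranum's point is that a fixed-size buffer filled with strcpy() or sprintf() passes every functional test as long as the inputs are short; the defect only shows up when an attacker supplies the length. The following C is an added illustration, not code from FWTK or from any poster in this thread: a hypothetical hostname/log-line helper written the unbounded way beside a bounded version that refuses oversized input, plus the truncation check that snprintf() needs. The names (copy_host_unsafe, copy_host_safe, format_entry_safe, HOST_MAX) are invented for the example.

```c
#include <stdio.h>
#include <stddef.h>
#include <string.h>

/* Hypothetical buffer size for a hostname field, as in an old network daemon. */
#define HOST_MAX 32

/* Version 1: the classic 1990s bug. strcpy() trusts whatever length the
 * caller hands over; for any host of HOST_MAX or more bytes it writes past
 * the end of dst. On ordinary input it behaves exactly like the safe version,
 * which is why functional tests never distinguish the two. Only ever call
 * this with input you already know is short (the example does). */
void copy_host_unsafe(char *dst, const char *host)
{
    strcpy(dst, host);
}

/* Version 2: bounded copy. The length check is done before any write, the
 * failure is reported to the caller instead of silently truncating, and the
 * destination is left as a valid empty string on rejection. Returns 0 on
 * success, -1 if host (plus its NUL) does not fit in dstlen bytes. */
int copy_host_safe(char *dst, size_t dstlen, const char *host)
{
    size_t n = strlen(host);
    if (dstlen == 0)
        return -1;
    if (n >= dstlen) {          /* no room for n bytes plus the terminator */
        dst[0] = '\0';
        return -1;
    }
    memcpy(dst, host, n + 1);   /* copies the terminating NUL as well */
    return 0;
}

/* snprintf() does not overflow, but it returns the length the full string
 * WOULD have had; a result >= outlen means the output was truncated.
 * Treating truncation as success is the second-most common way this class
 * of code goes wrong. Returns the number of bytes written, or -1 on
 * truncation or encoding error. */
int format_entry_safe(char *out, size_t outlen, const char *host, int port)
{
    int n = snprintf(out, outlen, "connect %s:%d", host, port);
    if (n < 0 || (size_t)n >= outlen)
        return -1;
    return n;
}

int main(void)
{
    /* Constructed sample input: a hostname that fits comfortably. */
    const char *normal = "mail.example.org";
    char a[HOST_MAX], b[HOST_MAX], line[64];

    copy_host_unsafe(a, normal);                 /* "works" on this input */
    copy_host_safe(b, sizeof b, normal);         /* works on every input */
    printf("unsafe: %s\nsafe:   %s\n", a, b);    /* identical output */

    /* Constructed oversized input: the safe path rejects it instead of
     * scribbling over the stack. The unsafe path is deliberately not run. */
    const char *hostile = "a-host-name-that-is-far-too-long-for-the-buffer";
    printf("safe copy of oversized name: %d\n",
           copy_host_safe(b, sizeof b, hostile));

    printf("formatted: %d bytes\n",
           format_entry_safe(line, sizeof line, normal, 25));
    return 0;
}
```

The check that matters is the boundary: a 31-byte name is the longest that fits in a 32-byte buffer, and the bounded version has to reject the 32-byte one rather than drop its terminator. Compiling with -fstack-protector or running under AddressSanitizer will catch the unsafe version at runtime, but only if a test actually feeds it a long name, which is exactly the input ordinary tests omit.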

3 of 349 comments

  1. Easy by Sodki · · Score: 0, Flamebait

    How about not using languages that allow buffer overflows?

  2. Re:Don't use C++ as if it was only "C with classes" by Carewolf · · Score: 0, Flamebait

    There is no excuse for using STL. It is crappy, buggy, slow and impossible to debug.

    If you need higher abstraction features like that, you are using the wrong language. Try Java or C#

  3. My suggestion by TheLink · · Score: 0, Flamebait

    Don't write in C or C++ unless you absolutely have to. If you absolutely have to, make decent plans for dealing with the eventual security problems - like write the crap anonymously or using the name of some politician you decided you didn't like ;).

    There are plenty of other languages where a whole area of C/C++ problems just don't exist. Pick a decent language or two (Please NOT PHP! Forth is not much better than C). It'll still have problems, but at least you'd have a lot less "common programmer bug = attacker executes _arbitrary_ code of attackers choice" which should be totally unacceptable for modern code.

    I personally use perl, and so far none of the bugs found in the programs I write for work would allow an attacker to "execute arbitrary code". It's more likely that any such bugs would be a bug in perl or the 3rd party libraries I use (nyah, spread the blame ;) ).

    If you don't like perl, you could use python or similar.

    Perl of course isn't fast (fast enough for a dhcpd[1]). But other languages like LISP, *ML are nowadays about as fast as C.

    If you don't like the other fast languages, write the bulk of the stuff in a slow safe language that you like. Then write the performance critical programs in C and try to keep those really small and secure.

    [1] Why a dhcpd in perl? We needed a fair number of features not in the isc-dhcpd and other dhcp servers. And go look at the source code of isc-dhcpd and a few other dhcp servers written in C sometime... Let me know what you think of the code ;).

    Why not Python? Existing Python libs don't allow us to make a dhcpd that does what we need.
