Wednesday 28 November 2012

What is Secure Coding?

UNMANAGED CODE IS THE ROOT OF ALL EVIL (LET THE CANARIES PROTECT YOU)

The issue of "secure coding" comes into play when you are writing "Internet" software.

An old classic example of "insecure code" would be buffer overruns (something that can occur in poor C++ coding). It's rather harder to do in Java or C# due to run-time checking of array boundaries. Michael Howard and David LeBlanc call buffer overruns "Public Enemy Number One" in their book, "Writing Secure Code" (published by Microsoft Press, December 2004), also known as "The Grey Book".

Visual C++ .NET comes with a /GS option that employs canaries to neutralise buffer overflow attacks (the name comes from the "canary in the coal mine" analogy). The canary is a known word placed on the stack to detect buffer overflows: if data on the stack gets corrupted, the canary is the first thing to be overwritten, and its changed value reveals the overflow.

One of the "good practices" identified in The Grey Book is identifying parts of your infrastructure in C or C++ which could be re-implemented in a managed language, to reduce the risk of classes of attacks, such as buffer overflow.
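To make the canary mechanism above concrete, here is an added example in C (not code from the post or from Microsoft's /GS implementation). It lays a known word immediately after a fixed-size buffer, exactly as a stack protector does, and runs the same oversized input through an unchecked copy and a length-checked copy. The struct layout, the canary value and the 20-byte input are all constructed for the demonstration; the unchecked copy is capped at the size of the record only so the demo stays within defined behaviour, whereas a real overrun has no such cap.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed layout: a 16-byte buffer followed by a canary word, mimicking
   the stack layout that /GS (or GCC's -fstack-protector) produces. */
#define BUF_LEN 16
#define CANARY_VALUE 0xDEADC0DEu   /* a constructed "known word" */

struct guarded_buf {
    char buf[BUF_LEN];
    uint32_t canary;               /* sits immediately after the buffer */
};

/* Plant the canary before the buffer is used (the prologue's job). */
void guarded_init(struct guarded_buf *g)
{
    memset(g->buf, 0, sizeof g->buf);
    g->canary = CANARY_VALUE;
}

/* The check the epilogue performs: 1 if the canary is intact, 0 if clobbered. */
int guarded_check(const struct guarded_buf *g)
{
    return g->canary == CANARY_VALUE;
}

/* INSECURE pattern: trusts the caller-supplied length and writes that many
   bytes starting at buf, never comparing len against BUF_LEN.  The copy goes
   through a byte view of the whole record so the overrun lands on the canary
   rather than outside the object; a real overrun has no such limit. */
size_t copy_unchecked(struct guarded_buf *g, const char *src, size_t len)
{
    unsigned char *dst = (unsigned char *)g;   /* byte view of the record */
    if (len > sizeof *g)
        len = sizeof *g;                       /* keep the demo inside the object */
    memcpy(dst, src, len);                     /* no check against BUF_LEN */
    return len;
}

/* SECURE pattern: refuse anything that does not fit with its terminator,
   rather than truncating silently. Returns 0 on success, -1 if rejected. */
int copy_checked(struct guarded_buf *g, const char *src, size_t len)
{
    if (len >= sizeof g->buf)
        return -1;
    memcpy(g->buf, src, len);
    g->buf[len] = '\0';
    return 0;
}

/* Run one copy against a fresh record and report whether the canary survived. */
int canary_after_copy(const char *src, size_t len, int use_checked)
{
    struct guarded_buf g;
    guarded_init(&g);
    if (use_checked)
        copy_checked(&g, src, len);
    else
        copy_unchecked(&g, src, len);
    return guarded_check(&g);
}

/* Drive both copies with a constructed 20-byte input; returns 1 when the
   unchecked copy trips the canary and the checked copy leaves it intact. */
int demo(void)
{
    static const char input[] = "AAAAAAAAAAAAAAAAAAAA";  /* 20 bytes, constructed */
    size_t len = strlen(input);
    int unchecked_ok = canary_after_copy(input, len, 0);  /* bytes 16..19 hit the canary */
    int checked_ok   = canary_after_copy(input, len, 1);  /* input rejected, canary untouched */

    printf("unchecked copy: canary %s\n", unchecked_ok ? "intact" : "CLOBBERED");
    printf("checked copy:   canary %s\n", checked_ok ? "intact" : "CLOBBERED");
    return !unchecked_ok && checked_ok;
}

int main(void)
{
    return demo() ? 0 : 1;
}
```

Note what the canary does and does not give you: it turns a silent stack corruption into a detected one, but only for overruns that run linearly past the end of the buffer, and only at the point the check is made. The length check in `copy_checked` stops the corruption from happening at all, which is why the Grey Book's advice to fix the copy (or move it to a bounds-checked language) comes first and the canary is a backstop.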

GREAT THING ABOUT C#

One of the great things about C# is that you don't have to worry about the so-called "secure coding" issues, such as buffer overruns, that you have to worry about (or at least be mindful of) in C++.

PRINCIPLE OF LEAST PRIVILEGE

This is a useful security principle, whereby you give a user the rights to do what they need to do and nothing more.
