Re: OT: Re: Secure popen

From: Crispin Cowan (crispinat_private)
Date: Fri Jun 22 2001 - 09:47:22 PDT

  • Next message: finelliat_private: "Problems with unchecked PHP includes"

    ___cliff rayman___ wrote:
    
    > you should have quoted your message as flame bait. or at least subclassed it
    > as such.  :-)
    
    As should you :-)
    
    
    > Glynn Clements wrote:
    > > b) has (reasonably) strong typing, and
    >
    > i can see why this makes a program more efficient, but not more secure.
    
    Are you on crack?  Inducing type errors (treating integers as pointers, strings
    as integers, buffer overflows, etc.) is one of the primary ways to induce
    security vulnerabilities in software.  A strongly typed language is largely
    invulnerable to this class of vulnerability.
    
    
    > > c) tends to be legible.
    >
    > beauty is in the eye of the beholder.  perl is much more legible to me than
    > c++, and i prefer c++ legibility to many other languages.
    
    You are definitely on crack.  PERL is world renowned as the "write only
    programming language."  PERL provides five ways to do any given thing.  This
    makes it convenient to do rapid prototyping, and hence attractive to people
    trying to whip out a kludge by lunch time :-)
    
    Unfortunately, it also means that the odds are that the author of the software
    you're trying to read chose a different way to do something than the one you're
    familiar with.  This makes it relatively hard to read the code.  In the
    alternative, it makes it 5 times harder to fully understand the PERL language
    by memorizing every single construct.
    
    
    > > Scripting languages such as Perl are useful for quick hacks, but
    > > security-wise, they truly suck. Scan the BugTraq archives for
    > > references to CGI programs; I would guess that around 90% of
    > > vulnerabilities are due to the above.
    >
    > i don't think so.
    
    I do, for the above reasons.
    
    
    > the majority of the program crashes in this world are related to C/C++ and
    > its use of pointers.
    
    That's because C/C++ is also a type-unsafe language.
    
    Perl programs don't "crash", but they do produce unexpected results.  Perl is
    at least as guilty as C of encouraging slack developers into believing that
    their program is correct just because it appears to "work."
    
    
    >  it is very easy to write secure perl programs.
    
    No, it is very easy to write perl programs.  To be secure, they would have to
    be audited, and auditing them is hard because PERL is hard to read.
    
    
    > lots of people, especially beginners just happen to write CGI programs in
    > perl and since they are not yet capable programmers, they write insecure
    > code.  beginners don't write CGI programs in C++ because it is outside the
    > capability of beginners to do so.  a skilled programmer will write quality
    > code with either language.
    
    This is true.  However, we're talking about the merrits of the programming
    languages.  Neither Perl nor C/C++ are very good for security.  Perl is good
    for rapid prototyping, C is good for high performance, and C++ is good for
    bloating your C programs :-)  Java is a much stronger contender for secure
    programs, primarily because it is type safe.  ML and Haskall would be some
    other strong contenders for secure programming languages, but there are many
    practical problems with trying to develop deployable apps in narrowly-supported
    languages.
    
    Crispin
    
    --
    Crispin Cowan, Ph.D.
    Chief Scientist, WireX Communications, Inc. http://wirex.com
    Security Hardened Linux Distribution:       http://immunix.org
    Available for purchase: http://wirex.com/Products/Immunix/purchase.html
    



    This archive was generated by hypermail 2b30 : Sun Jun 24 2001 - 10:43:48 PDT