|
Defending against unsafe coding practices with "libsafe" |
|
|
|
Source: SearchOpenSource - Posted by Pax Dickinson
|
In a previous tip about securing Linux applications with compiler extensions, we described a defense-in-depth layered methodology ("defense in depth") to proactively mitigate the potential for risk or damage arising from fatally-flawed programming constructs.
In this article, a second layer is introduced to add much-needed boundaries to checking to compiled C binaries, so as to produce robust, reliable applications capable of withstanding punishment from would-be attackers who try to break them.
The problem with compiler extensions is that they require a manual recompile of the code for the compiler itself, followed by recompilation of system binaries, to be truly effective. This painstaking and tedious process does not lend itself well to rapid deployment and thus, leaves much to be desired.
Enter libsafe, an all-purpose application defense mechanism that intercepts known-vulnerable library calls for pre-compiled binaries. By coercing any given vulnerable function call into a segregated stack frame, libsafe ensures that any potential for damage caused by errant code is safely contained within well-defined defenses. By providing a run-time protection mechanism, libsafe can do things that a fortified compiler suite cannot -- especially when it comes to setting upper bounds on the sizes for dynamically allocated buffers (or those buffers whose size isn't known at the time of compilation).
Read this full article at SearchOpenSource
Powered by AkoComment! |
