PDF Ebook Defensive Programming for Red Hat Enterprise Linux

Submitted by antoq on Sun, 12/27/2009 - 02:19

The Internet used to be a nice place where “friendly” people met. When the first Denial of Service (DoS) event happened, this was more a novelty than a problem. Today security is a major issue since the stakes are higher. There is real money on the line and there are criminals trying to get their hands on it. In addition, cracking machines is a “sport” for some degenerates that might result indirectly in financial losses due to downtime and system administrator overtime.

The programming environments developed for today’s operating systems are not designed with security in mind. The main focus of the C and Unix APIs was efficiency in performance and memory usage. This heritage still has repercussions today since C is still one of the major programming languages in use, and the Unix API still has to be used even with other programming languages which do not have the security-related disadvantages of C.

There is no reason, though, that programs developed with these APIs have to be insecure. It just means that some more effort is necessary to write code which can be securely deployed. This paper covers several aspects of the C and UNIX APIs that need attention and it covers the aspects of a program that need to be handled to ensure security. This paper does not completely cover the topic, but it provides insight into the problems most often exploited in today’s programs.

The main aspects of security covered here are:

    • Reducing bugs in programs;
    • Restricting the effects of bugs in programs;
    • Restricting the effects of user errors;
    • Proper coding practices, including recommendations on which functions to avoid.
