[Tfug] "Secure" programming APIs/environments

Bexley Hall bexley401 at yahoo.com
Thu Jun 18 21:41:00 MST 2009


Hi,

I'm looking for ideas as to how to *enforce* reliability
through the careful design of APIs, environments, etc.

So far, (in addition to the obvious "address space per
process") I've relied on distinct namespaces (if you can't
name it, you can't *get* it), ACLs on all IPCs (and thinking
hard about what you do via IPC vs. a simple library call),
memory scrubbing for user tasks, "no execute" on stack and
data segments, etc.

These all seem pretty obvious -- some more expensive than
others.  Aside from expense, I can't see why they aren't
more commonplace?!

Any other suggestions from veterans in the trenches?

Thx,
--don
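One way to make the "if you can't name it, you can't get it" rule and the per-IPC ACL concrete, as an added example in C that is not code from the post: a per-task handle table stands in for the namespace, and a toy endpoint type carries the ACL. The names task_ns, endpoint, ns_grant, ns_revoke and ipc_send are assumptions for illustration only.

```c
#include <string.h>

/* Rights an ACL entry may grant on an IPC endpoint. */
enum { RIGHT_SEND = 1, RIGHT_RECV = 2 };
#define MAX_ACL     4
#define MAX_HANDLES 8
typedef struct { int task; unsigned rights; } acl_entry;

/* Kernel-side endpoint: an owner, a small ACL and a one-slot mailbox (constructed toy). */
typedef struct {
    int owner;
    acl_entry acl[MAX_ACL];
    int nacl;
    char mailbox[64];
} endpoint;

/* Per-task namespace: a task can only refer to an endpoint through a slot in
 * its own table, so an endpoint it cannot name is unreachable to it. */
typedef struct { endpoint *slot[MAX_HANDLES]; } task_ns;

/* Rights task holds on ep: the owner has all of them, others what the ACL says. */
unsigned rights_for(const endpoint *ep, int task) {
    if (task == ep->owner) return RIGHT_SEND | RIGHT_RECV;
    for (int i = 0; i < ep->nacl; i++)
        if (ep->acl[i].task == task) return ep->acl[i].rights;
    return 0;
}

/* Install ep in a task's namespace; returns the local handle, or -1 if full. */
int ns_grant(task_ns *ns, endpoint *ep) {
    for (int h = 0; h < MAX_HANDLES; h++)
        if (ns->slot[h] == NULL) { ns->slot[h] = ep; return h; }
    return -1;
}

/* Remove a handle: once the task can no longer name the endpoint, it cannot reach it. */
void ns_revoke(task_ns *ns, int h) {
    if (h >= 0 && h < MAX_HANDLES) ns->slot[h] = NULL;
}

/* Send msg to handle h on behalf of task. Both checks happen on every call:
 * 0 = delivered, -1 = no such handle in this namespace, -2 = ACL denies send. */
int ipc_send(task_ns *ns, int task, int h, const char *msg) {
    if (h < 0 || h >= MAX_HANDLES || ns->slot[h] == NULL) return -1;
    endpoint *ep = ns->slot[h];
    if (!(rights_for(ep, task) & RIGHT_SEND)) return -2;
    strncpy(ep->mailbox, msg, sizeof ep->mailbox - 1);
    ep->mailbox[sizeof ep->mailbox - 1] = '\0';
    return 0;
}
```

The two failure codes are deliberately distinct: a task that cannot name the endpoint never reaches the ACL check at all, while a task that holds a handle is still gated by the endpoint's ACL on every send.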
