[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [DotGNU]Microsoft's security blind spot

From: Bill Lance
Subject: Re: [DotGNU]Microsoft's security blind spot
Date: Mon, 11 Feb 2002 14:13:57 -0800 (PST)

--- Rhys Weatherley <address@hidden> wrote:
> There really is no "magic bullet" that makes a
> system
> secure/private.  It requires severe attention to
> detail in
> the code and protocols.  

That's absolutly true.  From the VRS architecute page,

"This is not a single system layer but the total
effect of a number of design priorities, trade-offs, a
specific techniques in a variety of places. Some of
these have been identified so far, but much thought
needs to be done here yet."

>Cross-checking each other,
> and performing code reviews would help.
> It's rarely a good idea to design a system that will
> be
> secure/private when it's all put together.  It's
> even
> worse to rely upon some "shell" to provide security.
> It's better to design the pieces to be "mutually
> distrustful", so that if one fails, it doesn't
> compromise
> everything else.  i.e. every component is
> responsible
> for its own defence.

This is a good strategy.

>There are guidelines for writing secure code, but
>are very generic: check all buffer boundaries, never
>trust the caller to get parameters right, don't leak
>unnecessary information, et

And this all helps against certain classes of attacks.

These are the kinds of items we need to add to a
security and privacy checklist.  As you observe, there
is no "magic bullet".  The issue must be in our minds
with everything we do.

On top of all this, though, we also have to be able to
test for and detect unintended consequences as
components interact.  Of course, this is the classic
source of 'bugs'.  But we still haven't solved the
problem, so we got to keep finding 'n stomping the
little bastards.

And things get so much more complicated when we start
pushing the scope of what dotGNU is ment to cover.

Do You Yahoo!?
Send FREE Valentine eCards with Yahoo! Greetings!

reply via email to

[Prev in Thread] Current Thread [Next in Thread]