Full Disclosure mailing list archives

Re: Coding securely, was Linux (in)security


From: "Bill Royds" <full-disclosure () royds net>
Date: Wed, 29 Oct 2003 08:17:55 -0500

Steve is not asking that a language be less than Turing-complete, only that
insecure operations are difficult and that one would need to work hard to
write insecure code.  One could still implement anything if needed but it
would need to be explicit.
   This can be achieved in many ways by languages that do bounds checking on
strings and arrays, do not allow pointers to arbitrary data but force all
pointers to use descriptors (the VAX calling convention had all argument
lists as descriptors, forcing type safety on function calls as much as
possible in hardware). Some of these techniques are what the secure Linuxes
use to prevent manipulation of calling stacks.
  Unfortunately other considerations than security seem to dominate
tradeoffs. Having hardware checks of array bounds adds some overhead to
array addressing, for example, so most programmers schooled in the
"efficiency is first" discipline rebel at such architectures.


----- Original Message ----- 
From: <Valdis.Kletnieks () vt edu>
To: "Steve Wray" <steve.wray () paradise net nz>
Cc: "'Paul Schmehl'" <pauls () utdallas edu>;
<full-disclosure () lists netsys com>
Sent: Tuesday, October 28, 2003 2:46 PM
Subject: Re: [Full-disclosure] Coding securely, was Linux (in)security

On Tue, 28 Oct 2003 17:44:55 +1300, Steve Wray <steve.wray () paradise net nz>
said:

Is it beyond all possibility that there exist languages in which
the very reverse is true? ie Languages in which one would have to
reimplement data types and so forth in order to be able to write
insecure code?

Can there exist such a language?? I reckon so.

No.

All programming languages that are Turing-complete (basically, anything that
has a conditional loop) are prone to the Turing Halting Problem.

In other words, you can't prevent DoS-via-infinite-loop based on input.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
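
Added example, not part of the original thread: a C illustration of the descriptor idea from Bill Royds' reply, in which every buffer access goes through a pointer that carries its own bounds and bypassing the check requires an explicitly named call. The desc_t type and the desc_* functions are hypothetical names chosen for this illustration, not an existing API.

```c
#include <stddef.h>
#include <string.h>

/* Hypothetical descriptor: a pointer that always travels with its bounds. */
typedef struct {
    char  *base;  /* start of the underlying storage */
    size_t cap;   /* total bytes available           */
    size_t len;   /* bytes currently in use          */
} desc_t;

/* Bind a descriptor to caller-provided storage of known size. */
desc_t desc_bind(char *storage, size_t cap)
{
    desc_t d = { storage, cap, 0 };
    return d;
}

/* Checked append: returns 0 on success, -1 if n bytes would not fit.
 * The destination is left unchanged on failure. Because len <= cap is
 * an invariant, the subtraction below cannot wrap around. */
int desc_append(desc_t *dst, const char *src, size_t n)
{
    if (n > dst->cap - dst->len)
        return -1;
    memcpy(dst->base + dst->len, src, n);
    dst->len += n;
    return 0;
}

/* Checked read: stores the byte at idx in *out and returns 0,
 * or returns -1 when idx lies outside the bytes in use. */
int desc_get(const desc_t *d, size_t idx, char *out)
{
    if (idx >= d->len)
        return -1;
    *out = d->base[idx];
    return 0;
}

/* The explicit escape hatch: discarding the bounds has to be spelled
 * out by name, so unchecked access is easy to find in code review. */
char *desc_unchecked_raw(desc_t *d)
{
    return d->base;
}
```

The per-access comparison in desc_append and desc_get is the overhead the reply refers to when it mentions the cost of bounds checks.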

