Secure C programming

**Walter Roberson** · Dec 30 '07, 10:05 PM

Re: Secure C programming

In article <20071230223029 .f17f1c63.coolz one@it.dk>,
Rico Secada <coolzone@it.dk wrote:

>Doesn't there exist any complete texts on what to do and not do when
>programming in C, from a security perspective?

No, no text on security can be complete, particularily if you
mean "programmin g in C" in the larger sense of allowing system
extensions and calls to the operating system, not just using the
functions provided as part of the C language and standard C library
itself.
--
"Beware of bugs in the above code; I have only proved it correct,
not tried it." -- Donald Knuth

**jacob navia** · Dec 30 '07, 10:15 PM

Re: Secure C programming

Rico Secada wrote:

Hi.
>
Doesn't there exist any complete texts on what to do and not do when
programming in C, from a security perspective?
>
Preferably with examples.
>
Best regards.
>
Rico.

There are several good books.
1)
“Safer C”
Les Hatton

2)
Writing secure code
Howard and LeBlanc

3)
Secure coding in C and C++
Robert C Seacord

I find the first one the best.

--
jacob navia
jacob at jacob point remcomp point fr
logiciels/informatique

403 Forbidden

http://www.cs.virginia.edu/~lcc-win32

**jacob navia** · Dec 30 '07, 10:15 PM

Re: Secure C programming

Walter Roberson wrote:

In article <20071230223029 .f17f1c63.coolz one@it.dk>,
Rico Secada <coolzone@it.dk wrote:
>

>Doesn't there exist any complete texts on what to do and not do when
>programming in C, from a security perspective?

>
No, no text on security can be complete, particularily if you
mean "programmin g in C" in the larger sense of allowing system
extensions and calls to the operating system, not just using the
functions provided as part of the C language and standard C library
itself.

Why do you ignore the very rich literature about this?
All those books are just nonsense?

Please, if you do not know this subject, do not send this kind
of misinformation.

Thanks

--
jacob navia
jacob at jacob point remcomp point fr
logiciels/informatique

403 Forbidden

http://www.cs.virginia.edu/~lcc-win32

**=?UTF-8?q?Harald_van_D=C4=B3k?=** · Dec 30 '07, 10:25 PM

Re: Secure C programming

On Sun, 30 Dec 2007 23:11:02 +0100, jacob navia wrote:

Walter Roberson wrote:

>In article <20071230223029 .f17f1c63.coolz one@it.dk>, Rico Secada
><coolzone@it.d kwrote:
>No, no text on security can be complete,

>
Why do you ignore the very rich literature about this? All those books
are just nonsense?

They are not complete. They are not nonsense, but for any book on
security, there will be issues not addressed.

**Walter Roberson** · Dec 30 '07, 10:55 PM

Re: Secure C programming

In article <fl952d$dns$2@a ioe.org>, jacob navia <jacob@nospam.o rgwrote:

>Walter Roberson wrote:

>In article <20071230223029 .f17f1c63.coolz one@it.dk>,
>Rico Secada <coolzone@it.dk wrote:

>>Doesn't there exist any complete texts on what to do and not do when
>>programming in C, from a security perspective?

>No, no text on security can be complete, particularily if you
>mean "programmin g in C" in the larger sense of allowing system
>extensions and calls to the operating system,

>Why do you ignore the very rich literature about this?
>All those books are just nonsense?

I did't say that any reference material on the subject was "nonsense":
I said that it wasn't "complete".

>Please, if you do not know this subject, do not send this kind
>of misinformation.

"Security is a process, not a product."

(Bruce Schneier, "Secrets and Lies", preface
http://www.schneier.com/book-sandl-pref.html )

If you could create a *complete* text on security in C (especially
if OS calls are to be allowed) then you would have created a security
*product*, a finished thing that you expected would be secure against
all known and yet-to-be-discovered attacks. Security in the real world
doesn't work that way.

There can be texts describing lessons learned from the past and
giving very valuable information about how to avoid what has gone
before -- but those texts are not going to be *complete*.

Perhaps, Jacob, this is a language difference. In English, a "complete
text" would be one that contains everything there is to know about the
subject, not just everything -currently- known on an evolving topic.
For example, there could hypothetically be a "complete" book describing
every type of Wedgewood china made between 1914 and 1952, but there
cannot, for example, be a "complete" book describing all the species of
worms on earth, as there are many still unclassified and many still
being discovered.
--
So you found your solution
What will be your last contribution?
-- Supertramp (Fool's Overture)

**Randy Howard** · Dec 31 '07, 12:15 AM

Re: Secure C programming

On Sun, 30 Dec 2007 16:08:50 -0600, jacob navia wrote
(in article <fl94ua$dns$1@a ioe.org>):

Rico Secada wrote:

>Hi.
>>
>Doesn't there exist any complete texts on what to do and not do when
>programming in C, from a security perspective?
>>
>Preferably with examples.
>>
>Best regards.
>>
>Rico.

There are several good books.
1)
“Safer C”
Les Hatton
>
2)
Writing secure code
Howard and LeBlanc
>
3)
Secure coding in C and C++
Robert C Seacord
>
I find the first one the best.

And if you want to know what the black hats are up to, reading The
Shellcoder's Handbook, by Koziol and others is a good start.

--
Randy Howard (2reply remove FOOBAR)
"The power of accurate observation is called cynicism by those
who have not got it." - George Bernard Shaw

**Robert Gamble** · Dec 31 '07, 12:25 AM

Re: Secure C programming

On Dec 30, 5:08 pm, jacob navia <ja...@nospam.c omwrote:

Rico Secada wrote:

Hi.

>

Doesn't there exist any complete texts on what to do and not do when
programming in C, from a security perspective?

>

Preferably with examples.

>

Best regards.

>

Rico.

>
There are several good books.
1)
"Safer C"
Les Hatton
>
2)
Writing secure code
Howard and LeBlanc
>
3)
Secure coding in C and C++
Robert C Seacord
>
I find the first one the best.

I've never seen the first one so I can't comment. From the table of
contents and the reviews I have read, the second one appears to be
strongly focused on Windows. The last one is on my bookshelf, I would
definitely recommend it.

--
Robert Gamble

**Ivan Novick** · Dec 31 '07, 02:15 AM

Re: Secure C programming

On Dec 30, 1:30 pm, Rico Secada <coolz...@it.dk wrote:

Hi.
>
Doesn't there exist any complete texts on what to do and not do when
programming in C, from a security perspective?
>
Preferably with examples.
>
Best regards.
>
Rico.

Ummm... not sure that question really makes any sense.

It completely depends on what type of app you are creating and what
"security" threats you are trying to defend against.

Regards,
Ivan Novick

http://www.0x4849.net

**Rico Secada** · Dec 31 '07, 02:55 AM

Re: Secure C programming

On Sun, 30 Dec 2007 16:23:05 -0800 (PST)
Robert Gamble <rgamble99@gmai l.comwrote:

On Dec 30, 5:08 pm, jacob navia <ja...@nospam.c omwrote:

Rico Secada wrote:

Hi.

Doesn't there exist any complete texts on what to do and not do
when programming in C, from a security perspective?

Preferably with examples.

Best regards.

Rico.

There are several good books.
1)
"Safer C"
Les Hatton

2)
Writing secure code
Howard and LeBlanc

3)
Secure coding in C and C++
Robert C Seacord

I find the first one the best.

>
I've never seen the first one so I can't comment. From the table of
contents and the reviews I have read, the second one appears to be
strongly focused on Windows. The last one is on my bookshelf, I would
definitely recommend it.
>
--
Robert Gamble

Thank you both for those recommendations ! Just what I was looking for.

**Chris Thomasson** · Dec 31 '07, 07:45 AM

Re: Secure C programming

"Rico Secada" <coolzone@it.dk wrote in message
news:2007123022 3029.f17f1c63.c oolzone@it.dk.. .

Hi.
>
Doesn't there exist any complete texts on what to do and not do when
programming in C, from a security perspective?
>
Preferably with examples.

Don't program C if you don't know how to avoid common pitfalls; C gets a bad
rap sometimes. It's the fault of all the _lazy/crap_ programmers out there
which frequently create applications that do not even seem to have any sense
of where there buffer(s) begin, or _end_!!

Yikes! ;^(...

**frido** · Dec 31 '07, 08:15 AM

Re: Secure C programming

I'd like to add
1) Secure programming cookbook
2)

https://www.securecoding.cert.org/confluence/display/seccode/CERT+C+Programming+Language+Secure+Coding+Standard

does not look that bad either

Regards
Friedrich

--
Please remove just-for-news- to reply via e-mail.

**Chris Hills** · Dec 31 '07, 09:15 AM

Re: Secure C programming

In article <20071230223029 .f17f1c63.coolz one@it.dk>, Rico Secada
<coolzone@it.dk writes

>Hi.
>
>Doesn't there exist any complete texts on what to do and not do when
>programming in C, from a security perspective?

No... In a word.

There are several general texts. For example Les Hatton's Safer C

Then there is

https://www.securecoding.cert.org/confluence/display/seccode/CERT+Secure+

Coding+Standard s

Parts of it are based on MISRA-C:1998.

There is an ISO working group on Vulnerabilities looking at language
vulnerabilities generically and specifically across a range of languages
including C. It is intended that the MISRA-C:2010 will also
incorporate the relevant parts of OWG-V and cover C security as well as
safety

The work shows that there is a major overlap between safety-reliability
and security. In fact we found that the two communities were often
looking at the same problem with a different perspective.

Safety wants a robust and reliable system no matter what happens i.e.
random inputs and accidental problems etc. where as security wants the
same but assumes intentional and intelligent abuse of the system. In
many cases it is the same problem just worded differently.

The problem with C is there are two types of security threat. C
language generic and architecture-compiler specific.

So it depends on what you are developing on what architecture with which
compiler.

--
\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\
\/\/\/\/\ Chris Hills Staffs England /\/\/\/\/
/\/\/ chris@phaedsys. org www.phaedsys.org \/\/\
\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/

**jacob navia** · Dec 31 '07, 10:05 AM

Re: Secure C programming

Chris Thomasson wrote:

"Rico Secada" <coolzone@it.dk wrote in message
news:2007123022 3029.f17f1c63.c oolzone@it.dk.. .

>Hi.
>>
>Doesn't there exist any complete texts on what to do and not do when
>programming in C, from a security perspective?
>>
>Preferably with examples.

>
Don't program C if you don't know how to avoid common pitfalls; C gets a
bad rap sometimes. It's the fault of all the _lazy/crap_ programmers out
there which frequently create applications that do not even seem to have
any sense of where there buffer(s) begin, or _end_!!
>
Yikes! ;^(...

Here we have the example of somebody that can't answer a simple
question and starts ranting for no reason.

--
jacob navia
jacob at jacob point remcomp point fr
logiciels/informatique

403 Forbidden

http://www.cs.virginia.edu/~lcc-win32

**Rico Secada** · Dec 31 '07, 10:25 AM

Re: Secure C programming

On Sun, 30 Dec 2007 23:50:38 -0800
"Chris Thomasson" <cristom@comcas t.netwrote:

"Rico Secada" <coolzone@it.dk wrote in message
news:2007123022 3029.f17f1c63.c oolzone@it.dk.. .

Hi.

Doesn't there exist any complete texts on what to do and not do when
programming in C, from a security perspective?

Preferably with examples.

>
Don't program C if you don't know how to avoid common pitfalls; C
gets a bad rap sometimes. It's the fault of all the _lazy/crap_
programmers out there which frequently create applications that do
not even seem to have any sense of where there buffer(s) begin, or
_end_!!
>
Yikes! ;^(...
>

Dude!? Its like saying "Don't approach the water if you don't know how
to swim!", well how do you then learn to swim, if you can't approach
the water. Damn!

Secure C programming

Secure C programming

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment