Re: [DotGNU]Microsoft's security blind spot

dotgnu-general

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [DotGNU]Microsoft's security blind spot

From:	Rhys Weatherley
Subject:	Re: [DotGNU]Microsoft's security blind spot
Date:	Tue, 12 Feb 2002 07:59:49 +1000

Bill Lance wrote:

> Let me rephrase my question.  How do those of us
> working on the server ends of dotGNU such as SEE and
> VRS those of us working on the Pnet end develop a
> common security and privacy shell that will work when
> it's all put together?

There really is no "magic bullet" that makes a system
secure/private.  It requires severe attention to detail in
the code and protocols.  Cross-checking each other,
and performing code reviews would help.

It's rarely a good idea to design a system that will be
secure/private when it's all put together.  It's even
worse to rely upon some "shell" to provide security.

It's better to design the pieces to be "mutually
distrustful", so that if one fails, it doesn't compromise
everything else.  i.e. every component is responsible
for its own defence.

Other than that, I don't know what I can really say.
There are guidelines for writing secure code, but they
are very generic: check all buffer boundaries, never
trust the caller to get parameters right, don't leak
unnecessary information, etc.

Cheers,

Rhys.

[Prev in Thread]

Current Thread

[Next in Thread]

[DotGNU]Microsoft's security blind spot, Bill Lance, 2002/02/10
- Re: [DotGNU]Microsoft's security blind spot, Rhys Weatherley, 2002/02/10
  - Re: [DotGNU]Microsoft's security blind spot, Bill Lance, 2002/02/11
    - Re: [DotGNU]Microsoft's security blind spot, Rhys Weatherley <=
    - Re: [DotGNU]Microsoft's security blind spot, Bill Lance, 2002/02/11

Prev by Date: [DotGNU]VRS architecture docs
Next by Date: Re: [DotGNU]One Runtime to Bind Them All
Previous by thread: Re: [DotGNU]Microsoft's security blind spot
Next by thread: Re: [DotGNU]Microsoft's security blind spot
Index(es):
- Date
- Thread