Keith Thompson

Tor Rustad said: Banning gets() solves little, you still need to take backups and avoid poor quality programs & trojans.

Keeping gets() in the language solves nothing.
Tak-Shing Chan

Tor Rustad said: Banning gets() solves little, you still need to take backups and avoid poor quality programs & trojans. I have not performed a code audit of KNode, and neither have I any great value here to protect.

[OT] You can write a program to traverse your filesystem(s), open every object file it sees, and flag every call to gets, scanf and its ilk to a logfile. This is much weaker than a real code audit, but it is better than nothing at all.
Tor Rustad

Tak-Shing Chan said: [OT] You can write a program to traverse your filesystem(s), open every object file it sees, and flag every call to gets, scanf and its ilk to a logfile. This is much weaker than a real code audit, but it is better than nothing at all.

My current professional project is actually to write a program which monitors and analyzes the programs/modules on a high-security system. If a non-authorized binary is detected, it will trigger an alarm on another host.

I could trigger an alarm on gets() calls too, but if an insider really tried to put in a backdoor, it probably would be far more sophisticated than that, in order to fool internal and external code audits.

A more interesting feature would be to enforce run-time checks of a 3rd party module, e.g. by placing a wrapper in front of some core API.
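The two detection ideas in this exchange, Tak-Shing Chan's "walk the filesystem and flag every object file that calls gets or scanf" and Tor Rustad's "alarm on any binary that is not authorized", can be combined into one small scanner. The following is an added example written for this page; it is not code from either poster or from any project they mention. It assumes a SHA-256 allowlist keyed by relative path, a hand-rolled ELF64 little-endian symbol-table parser (no external dependencies), an assumed RISKY set that extends the thread's "gets, scanf and its ilk", and a constructed ELF fixture used only so the example runs offline.

```python
"""Added example: allowlist + risky-import scanner over a directory tree."""
import hashlib
import os
import struct
import tempfile

SHT_SYMTAB, SHT_DYNSYM, SHT_STRTAB = 2, 11, 3
SHN_UNDEF = 0
# Assumed expansion of "gets, scanf and its ilk": unbounded or format-driven writers.
RISKY = {"gets", "scanf", "sscanf", "fscanf", "strcpy", "strcat", "sprintf"}


def imported_symbols(data):
    """Return the set of undefined (imported) symbol names of an ELF64 LE file,
    or None if `data` is not such a file or its headers are malformed."""
    if len(data) < 64 or data[:4] != b"\x7fELF" or data[4] != 2 or data[5] != 1:
        return None
    try:
        shoff = struct.unpack_from("<Q", data, 40)[0]
        shentsize, shnum = struct.unpack_from("<HH", data, 58)
        sections = [struct.unpack_from("<IIQQQQIIQQ", data, shoff + i * shentsize)
                    for i in range(shnum)]
        names = set()
        for sh in sections:  # fields: name,type,flags,addr,offset,size,link,info,align,entsize
            if sh[1] not in (SHT_SYMTAB, SHT_DYNSYM) or sh[9] == 0:
                continue
            strtab = sections[sh[6]]               # sh_link points at the string table
            strdata = data[strtab[4]:strtab[4] + strtab[5]]
            for j in range(sh[5] // sh[9]):
                st_name, _info, _other, st_shndx = struct.unpack_from("<IBBH", data, sh[4] + j * sh[9])
                if st_shndx == SHN_UNDEF and st_name:  # undefined here => resolved from a library
                    names.add(strdata[st_name:strdata.index(b"\0", st_name)].decode("ascii", "replace"))
        return names
    except (struct.error, IndexError, ValueError):
        return None                                # truncated or corrupt headers: not parseable


def risky_imports(names):
    """Map imported names to the RISKY function they resolve to. glibc redirects
    scanf-family calls to __isoc99_* under C99, so that prefix is stripped first."""
    found = {}
    for n in names:
        base = n[len("__isoc99_"):] if n.startswith("__isoc99_") else n
        if base in RISKY:
            found[n] = base
    return found


def scan_tree(root, allowlist, logfile=None):
    """Walk `root`; return (relpath, issue, detail) findings and optionally append them
    to `logfile`. Any file whose SHA-256 is not the allowlisted one is UNAUTHORIZED;
    any ELF importing a RISKY function yields one RISKY_IMPORT finding per symbol."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for fn in sorted(files):
            path = os.path.join(dirpath, fn)
            rel = os.path.relpath(path, root)
            with open(path, "rb") as f:
                data = f.read()
            digest = hashlib.sha256(data).hexdigest()
            if allowlist.get(rel) != digest:
                findings.append((rel, "UNAUTHORIZED", digest))
            names = imported_symbols(data)
            for sym in sorted(risky_imports(names or set())):
                findings.append((rel, "RISKY_IMPORT", sym))
    if logfile:
        with open(logfile, "a") as log:
            for rel, issue, detail in findings:
                log.write(f"{issue}\t{rel}\t{detail}\n")
    return findings


def build_test_elf(undefined_names):
    """Constructed fixture: a minimal ELF64 LE with only .dynsym/.dynstr/.shstrtab."""
    dynstr = b"\0" + b"".join(n.encode() + b"\0" for n in undefined_names)
    syms, off = b"\0" * 24, 1
    for n in undefined_names:
        syms += struct.pack("<IBBHQQ", off, 0x10, 0, SHN_UNDEF, 0, 0)
        off += len(n) + 1
    shstr = b"\0.dynsym\0.dynstr\0.shstrtab\0"
    dynstr_off, dynsym_off = 64, 64 + len(dynstr)
    shstr_off = dynsym_off + len(syms)
    shoff = shstr_off + len(shstr)

    def sh(name, typ, offset, size, link, entsize):
        return struct.pack("<IIQQQQIIQQ", name, typ, 0, 0, offset, size, link, 0, 1, entsize)

    shdrs = (sh(0, 0, 0, 0, 0, 0) + sh(1, SHT_DYNSYM, dynsym_off, len(syms), 2, 24)
             + sh(9, SHT_STRTAB, dynstr_off, len(dynstr), 0, 0)
             + sh(17, SHT_STRTAB, shstr_off, len(shstr), 0, 0))
    hdr = (b"\x7fELF" + bytes([2, 1, 1, 0]) + b"\0" * 8
           + struct.pack("<HHIQQQIHHHHHH", 3, 62, 1, 0, 0, shoff, 0, 64, 0, 0, 64, 4, 3))
    return hdr + dynstr + syms + shstr + shdrs


def demo():
    """Constructed tree: one allowlisted shell script and one unknown ELF importing gets."""
    root = tempfile.mkdtemp()
    script = b"#!/bin/sh\necho ok\n"
    with open(os.path.join(root, "ok.sh"), "wb") as f:
        f.write(script)
    with open(os.path.join(root, "unknown"), "wb") as f:
        f.write(build_test_elf(["puts", "gets", "__isoc99_scanf"]))
    return scan_tree(root, {"ok.sh": hashlib.sha256(script).hexdigest()})


if __name__ == "__main__":
    for finding in demo():
        print(*finding, sep="\t")
```

The allowlist check fires on any file the manifest does not vouch for, which is the alarm condition Tor describes, while the import check only sees what the symbol table exposes: code that reaches gets through a statically linked copy or via dlsym, as the thread notes a determined insider would, shows no such import, so this remains the "weaker than a real code audit" signal Tak-Shing calls it.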