SearchOpenSource: Securing Linux Applications with Compiler Extensions

[ Thanks to Jan Stafford for this link. ]

"In-depth defense is a cardinal rule whenever implementing a secure IT framework. This is especially true of environments that operate largely dependent upon applications written using programming languages known not to be type-safe (such as C). A buggy application- under the right conditions and with the correct permissions--can be leveraged to an attacker's advantage and raises the specter of system-wide compromise.

"Buffer overflow proofs of concept are produced with routine regularity, demonstrating how easy it can be to leverage unsafe coding practices into successful attacks and system takeovers..."

Complete Story

Related Stories:

• developerWorks: Real-time Resource Management(Jan 20, 2006)
• LinuxPlanet: Preventing Buffer Overflow Exploits Using the Linux Distributed Security Module, Pt 2(Jan 12, 2006)
• developerWorks: Scripting and Scaling for Fun and Profit(Jan 12, 2006)