LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

An "enum" for Python 3

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

PostgreSQL 9.3 beta: Federated databases and more

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Remote root hole in Samba

Remote root hole in Samba

Posted Apr 11, 2012 15:59 UTC (Wed) by Cyberax (✭ supporter ✭, #52523)
In reply to: Remote root hole in Samba by dgm
Parent article: Remote root hole in Samba

Yes, they did. When was the last vulnerability in Erlang interpreter discovered?

And then there is research into formalized correctness proofs down to assembly language level ( http://en.wikipedia.org/wiki/Typed_assembly_language )

(Log in to post comments)

Remote root hole in Samba

Posted Apr 11, 2012 16:47 UTC (Wed) by khim (subscriber, #9252) [Link]

Yes, they did. When was the last vulnerability in Erlang interpreter discovered?

Interpreter is the key part. It does not matter of your language is managed (see Java and Erlang) or unmanaged (see Ada and C), if it's low-level (see C++) or high-level (see PHP). What does matter is the complexity of the whole scheme. And managed languages tend to increase the complexity because simple, naive implementation is usually slower and so code is added to make it faster (JIT compilers, etc)... often the end result is the system with more code in trusted VM then the in whole unmanaged system!

IOW: managed languages may be useful sometimes, but their usefulness is dramatically overblown and when they are presented as some kind of ultimate solution you know it's snake oil.

Remote root hole in Samba

Posted Apr 11, 2012 17:22 UTC (Wed) by Cyberax (✭ supporter ✭, #52523) [Link]

That's because in reality almost no VMs are written with security as their main concern.

However, it's theoretically possible to build completely safe systems using only provably safe components from bottom to the top.

Remote root hole in Samba

Posted Apr 11, 2012 17:38 UTC (Wed) by khim (subscriber, #9252) [Link]

Sure, but you don't need managed languages for that. Safe languages like Ada should work just fine.

Remote root hole in Samba

Posted Apr 11, 2012 23:59 UTC (Wed) by Cyberax (✭ supporter ✭, #52523) [Link]

Sure. You need mandatory GC and range checks. If your language has them then it can be made safe.

Remote root hole in Samba

Posted Apr 12, 2012 13:57 UTC (Thu) by cesarb (subscriber, #6266) [Link]

> Sure. You need mandatory GC and range checks. If your language has them then it can be made safe.

Why do you need GC to make a safe language?

Remote root hole in Samba

Posted Apr 12, 2012 14:41 UTC (Thu) by khim (subscriber, #9252) [Link]

You don't need GC. The things which you can not include are free(3) and realloc(3): without tracing pointers you can not say if it's safe to decallocate memory or not if you trace pointers anyway then why will you need free(3) or realloc(3)?

Usually the safe alternative is some kind of GC (refcounting GC works fine and often presents the best practical compromise), but other schemes are possible (for example you can allocate memory statically or use arenas which can be freed in safe way).

Remote root hole in Samba

Posted Apr 12, 2012 9:00 UTC (Thu) by job (guest, #670) [Link]

When was the last vulnerability in the PHP interpreter discovered?

Oh ... wait..

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds