vmsplice(): the making of a local root exploit

Posted Feb 13, 2008 17:34 UTC (Wed) by landley (subscriber, #6789)
In reply to: vmsplice(): the making of a local root exploit by dw
Parent article: vmsplice(): the making of a local root exploit

So code other people wrote is harder for you to read than code you wrote.  
Join the club.  For code you wrote, you'd better have a complete 
theoretical model in your head or it won't work.  For other people's code, 
you're trying to reverse engineer their thought process by taking apart a 
machine they built.

So if you haven't figured out yet that source code is inherently harder to 
read than it is to write, or that working code accumulates complexity as 
it has to deal with a real world that does not cleanly match simple 
theoretical models, you're definitely on the "newb" side rather than 
the "professional" side.

Read this:
http://www.joelonsoftware.com/articles/fog0000000053.html

And note how much else out there agrees with it:
http://www.spinellis.gr/codereading/
http://withoutane.com/rants/2007/when-you-read-code
http://blogs.msdn.com/oldnewthing/archive/2007/04/06/2036...

and so on...


vmsplice(): the making of a local root exploit

Posted Feb 13, 2008 18:03 UTC (Wed) by dw (subscriber, #12017)

As a matter of diligence I (like many, many people) document large swathes of my code in the
form of comments. Basically anywhere it has taken me more than a moment to think about, or
where the purpose of the code cannot be inferred by reading API documentation for the calls
made inside it.

Magical integer literals and bitshifts fall well within this purview, and I cannot see it as
"noobness" in these two specific cases. Imagine someone had to go back and fix all those
bitshifts when we move to Some New Compiler (in Some Hypothetical Future). Can't be regexed,
no central place where a change can ripple through the tree, and utterly dangerous, say, if
this New Compiler takes advantage of the fact that bitwise right shift on a signed number is
undefined according to ANSI C (I'm taking this as one, single example. There are hundreds
more).

I understand that other people's code is difficult to comprehend. Hell, I've read more than my
fair worth of Other People's Code. I'm talking specifically about why the Linux kernel seems
to be so full of this, but other commenters have given good reasons for some of this already.

code obfuscation

Posted Feb 16, 2008 1:21 UTC (Sat) by man_ls (guest, #15091)

True. Any idiot can obfuscate his or her code, but it takes work and wit to make legible code.


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds