by kodfodrasz 3686 days ago
Any app I write needs to be as secure as reasonably possible.

If you communicate over a network with not fully trusted remote endpoints, and handle text, you have a fair chance of remote code execution in C. A git front end. A text editor. Anything written in C has a fair chance of making a mistake.

Your very basic attitude is an example of the problem the industry is having!

We will always make mistakes, no matter how hard we try, but not caring for such an important topic from the start is not simply a mistake, but an outright sin!

Security and robustness are some examples which are way too hard to add to software when not taken into account upfront at design time!

C is not the right tool for these tasks.

2 comments

I'm not really sure I agree with communicating over the network in your GUI anyway. A git frontend shouldn't handle the connections, this is what libgit is for. Which would probably use curl or similar internally. Both of those are written in C, and are also reasonably secure as far as I know.

I stand by my point. Simply "not using C" isn't magically going to make your application so much more secure.

Ok, so that example maybe was not perfect. So what? Many apps nowadays talk with remote APIs. Imagine a Twitter client, a SCADA app, pretty much anything nowadays, instead of nitpicking. Btw, when you use libraries written in C, that is very much the same as communicating over the network from your app. Same process, same address space.

Also note: local files may also be rigged... Other languages protect against whole classes of vulnerabilities with negligible costs.

About the reasonable security: http://www.tripwire.com/state-of-security/latest-security-ne...

https://curl.haxx.se/docs/vulnerabilities.html (Kudos to the curl authors for this nice overview!)

1) The rules for hardening 'C' based applications aren't exactly obscure nor are they new.

2) Some things very much need to never be on a wider network with untrusted nodes. This is easier than it sounds...

They are not new, I agree, I have been writing such programs for a few years. Looking back at those times makes me say that C should be avoided for such tasks.