David A. Wheeler's Blog
Fri, 08 Oct 2004
New Security Article on Race Conditions
Well, I’m happy to announce that another one
of my developerWorks articles on secure development is
now out for the public.
Go take a look at
Secure programmer: Preventing Race Conditions.
This was a trickier article to write, because race conditions are
harder to describe in a simple way.
No matter what, they always involve subtle timing interactions, and
that makes them hard to describe.
Even the conventional definitions are too complicated and don’t really
help explain the issue.
So, I ended up writing my own definition:
A “race condition” occurs when a program doesn’t work as it’s supposed to
because of an unexpected ordering of events that produces contention over the
same resource. Notice that a race condition doesn’t need to involve contention
between two parts of the same program; many security problems occur if an
outside attacker can interfere with a program in unexpected ways.
And from there, it shows some of those big surprises.
A whole bunch of race conditions have been found over the last few
months, so this is certainly still a serious problem.
End of September 2004 release of “Why OSS/FS? Look at the Numbers!”
I’ve made another release of my paper
“Why Open Source Software /
Free Software (OSS/FS)? Look at the Numbers!”
Here are some highlights:
Possibly most important long-term, I added a lot of information
to appendix A to help people identify what is really OSS/FS.
In particular, I added information about Debian’s tests, which are
thought experiments they use to examine licenses.
These are the “desert island”, “dissident”, and “tentacles of evil” tests.
I added this information after reading
Mark Shewmaker’s August 2004 examination of the
Microsoft Royalty Free Sender ID Patent License.
That analysis proved to me that a non-lawyer can carefully
analyze and rationally argue about licensing and legal issues,
especially when they’re given tools like these thought experiments
to help them.
I added a reference to the article
“Open Source Software Development Should Strive for Even Greater
Code Maintainability” by
Ioannis Samoladas, Ioannis Stamelos, Lefteris Angelis,
and Apostolos Oikonomou.
It’s published by the
highly-respected “Communications of the ACM” (CACM) in
October 2004 (pp. 83-87).
They studied almost 6 million lines of code, tracking several programs
over time, using the maintainability index
(chosen by the Software Engineering Institute as the most suitable tool
for measuring the maintainability of systems).
Using their measurements,
they concluded that
OSS/FS “code quality appears to be at least equal and sometimes better
than the quality of [closed source software] code implementing
the same functionality.”
They conjectured that this
“may be due to the motivation of skilled OSS programmers…”
Added more information about security evaluations performed
or being performed for OSS/FS, esp. Common Criteria and FIPS 140,
in the security section. Novell SuSE, Red Hat, MandrakeSoft,
Trusted Computer Solutions’ Secure Linux, and OpenSSL
(2 different projects!).
These are really important to some organizations.
Although there’s a lot of information about this,
there doesn’t seem to be any one place with it pulled together.
Well, now there is.
See my paper for more about formal security evaluations of OSS/FS products.
Added a reference to CSC’s new report
“Open Source: Open for Business”.
In particular, they discuss some TCO issues which I added to
the TCO section.