Monday, July 28, 2003
Kernel Programming: Security Considerations:
Interesting points to note
1. A common mistake is assuming that listing every possible value of an enum type provides protection. An enum is generally implemented as either a char or an int internally.
2. Another common mistake is to assume that you can dereference a pointer passed to your function by another function. You should always check for null pointers before dereferencing them - Don't we all know this?
3. Security is particularly important for kernel code that draws input from a network. Assumptions about packet size are frequently the cause of security problems. Always watch for packets that are too big and handle them in a reasonable way. Likewise, always verify checksums on packets.
Hmm - and I'm doing this while on vacation - I'm convinced that I'm a geek... ;)