Login
User Name:

Password:



Register
Forgot your password?
Vote for Us!
auth_update crash
Dec 23, 2017, 10:15 pm
By Remcon
check_tumble
Dec 18, 2017, 7:21 pm
By Remcon
parse description bug
Dec 15, 2017, 10:08 pm
By Remcon
Couple bugs
Dec 12, 2017, 5:42 pm
By Remcon
Bug in disarm( )
Nov 12, 2017, 6:54 pm
By GatewaySysop
LoP 1.46
Author: Remcon
Submitted by: Remcon
LOP 1.45
Author: Remcon
Submitted by: Remcon
LOP Heroes Edition
Author: Vladaar
Submitted by: Vladaar
Heroes sound extras
Author: Vladaar
Submitted by: Vladaar
6Dragons 4.3
Author: Vladaar
Submitted by: Vladaar
Users Online
CommonCrawl, Google, Bing, Yandex

Members: 0
Guests: 6
Stats
Files
Topics
Posts
Members
Newest Member
478
3,708
19,242
612
Jacki72H
Today's Birthdays
There are no member birthdays today.
Related Links
» SmaugMuds.org » General » General Discussions » Hardening
Forum Rules | Mark all | Recent Posts

Hardening
< Newer Topic :: Older Topic >

Pages:<< prev 1 next >>
Post is unread #1 Feb 15, 2006, 3:44 am
Go to the top of the page
Go to the bottom of the page

enderandrew

GroupMembers
Posts8
JoinedFeb 8, 2006

I know that you can harden your server by using a hardened kernel, and then compiling programs with ssp support and such.

However, I've seen codebases claim that right off the bat, their code is hardened against buffer overflow attacks and such.

Are there things we can do from a coding perspective to better harden the code?
       
Post is unread #2 Feb 15, 2006, 6:19 pm
Go to the top of the page
Go to the bottom of the page

Samson
Black Hand
GroupAdministrators
Posts3,639
JoinedJan 1, 2002

The type of hardening you're probably talking about would be from adding two functions which were borrowed from BSD code and are relied upon by the likes of SSH to ensure that buffers being used are properly trimmed and NULLd. So in this manner it is accurate to say that string handling has been hardened against overflows.

There are of course other methods which could be used to further secure the code, but I haven't spent a great deal of time looking into them because a MUD generally isn't a high profile hacker target.
       
Pages:<< prev 1 next >>