Cores and Extras Heliotropic Computing

Friday Nov 28, 2008

FOSS.IN 2008 started on Tuesday, 25th November at IISc, Bangalore. I am lucky enough to have got the opportunity to participate there on behalf of Sun Microsystems, the one and only 'Gold Sponsor' of the event. Open source enthusiasts from all over the country, as well as from outside India, gathered there to share and develop their knowledge and expertise about various open source products. Lots of talks and interesting workouts were organized there, such as KDE on Solaris and profiling GNOME using DTrace. Sun had one booth there, and talented folks from IEC were always present to demonstrate the various interesting and outstanding features of Sun products. OpenSolaris, VirtualBox, NetBeans, CIFS, Amber Road, MySQL, IPS, OpenSolaris 2008.11, Crossbow, DTrace, OpenOffice: everything was presented to the enthusiastic crowd. The delegate kit was equipped with the latest OpenSolaris distro, i.e. OpenSolaris 2008.11, and a bunch of Sun products like Sun Studio, OpenOffice, VirtualBox, MySQL, WebSynergy, NetBeans, GlassFish and a lot more. Participants were helped by Sun volunteers to install and use those products on their own systems. FOSS enthusiasts from Sun have started blogging with exclusive news from FOSS.IN: Sun @ FOSS.IN 2008, be sure to check it out!

There were also some other booths, from VMware, Nokia etc. It is going to end tomorrow, 29th November, for this year, 2008. We are all looking forward to making it more successful and more gorgeous again next year.

Monday Nov 03, 2008

When we write code for a data structure, say a linked list or simply a string, a sentinel marks the end point. Typically a NUL character ('\0') sits at the last position of a string, and a NULL pointer sits in the link field of the last node of a singly linked list. Such sentinels must be handled very carefully so that untrusted input cannot move or remove them. Code that prints a string or walks a linked list always checks for the sentinel as the termination point, so a sentinel added in an undesired position (for example an embedded NUL byte inside a filename) silently truncates the data, and a sentinel that goes missing (a copy that drops the terminating NUL) makes the code read, or write, past the end of the buffer. Many integrity vulnerabilities come down to exactly these two failures, and secure programming must take care of both.

A buffer overflow happens when more data is written into a buffer than it was designed to hold. It arises from insecure programming: for example, if a program copies an input buffer to an output buffer without verifying that the size of the input (including its terminator) is no larger than the size of the output buffer, the copy runs past the end of the output buffer. When the overwritten memory belongs to the stack (a local array) it is a stack-based buffer overflow; when it belongs to the heap (memory obtained from malloc) it is a heap-based buffer overflow. At best the program crashes; if the bytes that get overwritten include a saved return address or a function pointer, an attacker who controls the input can redirect execution to code of their choosing, which is why the non-executable stack setting below matters.
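The two paragraphs above, the sentinel handling and the unchecked copy, in one added C example written for this page (it is not code from the original post). The buffer sizes and the sample strings are made up for illustration; the vulnerable function is shown for comparison only and is never called:

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* VULNERABLE: the shape the text describes.  strcpy keeps writing until it
 * finds src's terminating NUL, so an input longer than dst overruns it.
 * dst is a caller's local array here, so the overrun lands on the stack.
 * Shown for comparison only; never call this with untrusted input. */
void unsafe_copy(char dst[16], const char *src) {
    strcpy(dst, src);            /* no check of strlen(src) against 16 */
}

/* HARDENED: refuse input that does not fit together with its NUL sentinel,
 * and always leave dst terminated so later reads cannot run off the end. */
int safe_copy(char *dst, size_t dst_size, const char *src) {
    size_t n = strlen(src);
    if (dst_size == 0) return -1;
    if (n >= dst_size) {         /* n bytes + 1 sentinel must fit */
        dst[0] = '\0';           /* leave dst in a defined, terminated state */
        return -1;
    }
    memcpy(dst, src, n + 1);     /* copies the sentinel too */
    return 0;
}

/* "Sentinel deleted": strncpy stops after dst_size bytes and writes no NUL
 * when src is that long or longer.  Returns 1 if dst is still terminated. */
int strncpy_leaves_terminator(char *dst, size_t dst_size, const char *src) {
    strncpy(dst, src, dst_size);
    return memchr(dst, '\0', dst_size) != NULL;
}

/* "Sentinel inserted": an embedded NUL makes every NUL-terminated API see a
 * shorter string than the bytes that were actually received. */
size_t visible_length(const char *data, size_t received) {
    const char *nul = memchr(data, '\0', received);
    return nul ? (size_t)(nul - data) : received;
}

int main(void) {
    char buf[8];
    printf("safe_copy short : %d\n", safe_copy(buf, sizeof buf, "abc"));
    printf("safe_copy long  : %d\n", safe_copy(buf, sizeof buf, "longer than 8"));
    printf("strncpy kept NUL: %d\n", strncpy_leaves_terminator(buf, sizeof buf, "exactly8"));
    printf("visible: %zu of 12 bytes\n", visible_length("safe.txt\0.sh", 12));
    return 0;
}
```

The check in safe_copy is the one the paragraph asks for: the input length plus one for the sentinel must be strictly less than or equal to the destination size, and the copy includes the sentinel. The strncpy case shows that a length-limited copy is not automatically a sentinel-preserving one.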
There are several preventive measures to be taken against this attack. They are discussed below:

i) Disallow executable code on the user stack by adding the line 'set noexec_user_stack=1' to the /etc/system file. A program that then attempts to execute code on its stack is aborted with a core dump, and a warning message giving the process name, PID and UID is displayed. That message can be logged through syslog; enable it by adding another line to /etc/system, 'set noexec_user_stack_log=1'. A reboot is necessary for either setting to take effect. Note that this stops only shellcode placed on the stack; it does not stop the overflow itself, so the bounds checks in the code remain necessary.
ii) Remove unnecessary compilers.
iii) Never execute unknown programs.
iv) Disable unnecessary ports and services. On older Solaris releases this means commenting out lines in the /etc/inetd.conf file; on Solaris 10 and later, inetd services live under SMF, so use inetadm(1M) and svcadm(1M) to disable them instead.
v) Apply the latest patches from the Sun website.
vi) Use ASET (Automated Security Enhancement Tool) at the high security level (check out 'man aset').

If you have a website that allows anonymous remote users to upload data, you must be very careful about the vulnerabilities in file uploading. First, check for path traversal: the file name of an uploaded item may be something like '../../xyz.abc', so keep only the final path component and reject or rewrite anything else. A file with the same name may already exist in the destination directory, which would cause data to be overwritten, so an automatic renaming scheme must be there (and the create must be atomic, so two concurrent uploads cannot race for the same name). A file extension may give you a wrong impression about the content; check the file header (the magic bytes) to be sure about the content type, and name the stored file after what it actually is. Before a file is opened, virus-detecting software must be run on it. File size must be restricted to avoid storage exhaustion. Extra care is required for compressed files (like a *.zip): an archive that expands to a huge size, contains entries with '../' paths, or holds a self-referencing directory or symlink loop can consume valuable system resources or write outside the extraction directory.

Reference: http://shsc.info/FileUploadSecurity
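An added C example (not from the original post or the referenced page) that applies the checks above to one upload: directory components are stripped from the client-supplied name, the type comes from the file header rather than the extension, the stored name is changed on collision without ever overwriting, and the size is capped. The 5 MB limit, the three allow-listed types, the /tmp scratch directory and the sample PNG and PE bytes are assumptions made for the example; archive inspection and virus scanning are left to dedicated tools:

```c
#define _POSIX_C_SOURCE 200809L
#include <ctype.h>
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

#define MAX_UPLOAD_BYTES (5u * 1024u * 1024u)   /* assumed limit for this example */

/* File headers (magic numbers) for the accepted types.  Only these bytes
 * decide the type; the client's extension is never trusted. */
static const struct { const char *magic; size_t len; const char *kind; } MAGIC[] = {
    { "\x89PNG\r\n\x1a\n", 8, "png" },
    { "\xff\xd8\xff",       3, "jpg" },
    { "%PDF-",              5, "pdf" },
};

const char *sniff_type(const unsigned char *head, size_t n) {
    for (size_t i = 0; i < sizeof MAGIC / sizeof MAGIC[0]; i++)
        if (n >= MAGIC[i].len && memcmp(head, MAGIC[i].magic, MAGIC[i].len) == 0)
            return MAGIC[i].kind;
    return NULL;
}

/* Keep only the last path component ('../../xyz.abc' -> 'xyz.abc'), drop
 * leading dots (no '..', no hidden files) and map odd bytes to '_'. */
void safe_basename(const char *client_name, char *out, size_t out_size) {
    const char *p, *base = client_name;
    size_t n = 0;
    for (p = client_name; *p; p++)
        if (*p == '/' || *p == '\\') base = p + 1;
    while (*base == '.') base++;
    for (p = base; *p && n + 1 < out_size; p++) {
        unsigned char c = (unsigned char)*p;
        out[n++] = (isalnum(c) || c == '.' || c == '_' || c == '-') ? (char)c : '_';
    }
    out[n] = '\0';
    if (n == 0) snprintf(out, out_size, "upload");
}

/* Validate and store one upload.  Returns 0 and the path used, or:
 * -1 too large, -2 content not allow-listed, -3 path too long, -4 I/O error,
 * -5 too many name collisions.  O_EXCL makes the collision check atomic, so
 * an existing file is never overwritten even if two uploads race. */
int store_upload(const char *dir, const char *client_name,
                 const unsigned char *data, size_t len,
                 char *stored, size_t stored_size) {
    char stem[128];
    char *dot;
    const char *kind;
    if (len > MAX_UPLOAD_BYTES) return -1;
    kind = sniff_type(data, len);
    if (kind == NULL) return -2;
    safe_basename(client_name, stem, sizeof stem);
    dot = strrchr(stem, '.');                /* the sniffed type supplies the extension */
    if (dot != NULL) *dot = '\0';
    for (int attempt = 0; attempt < 100; attempt++) {
        int n = attempt == 0
            ? snprintf(stored, stored_size, "%s/%s.%s", dir, stem, kind)
            : snprintf(stored, stored_size, "%s/%s-%d.%s", dir, stem, attempt, kind);
        if (n < 0 || (size_t)n >= stored_size) return -3;
        int fd = open(stored, O_WRONLY | O_CREAT | O_EXCL, 0600);
        if (fd >= 0) {
            ssize_t w = write(fd, data, len);
            close(fd);
            return (w >= 0 && (size_t)w == len) ? 0 : -4;
        }
        if (errno != EEXIST) return -4;      /* anything but "already exists" is fatal */
    }
    return -5;
}

/* Constructed samples: a PNG header with padding, and a PE ("MZ") stub that
 * matches no allow-listed type however the client names it. */
const unsigned char SAMPLE_PNG[40] = "\x89PNG\r\n\x1a\n";
const unsigned char SAMPLE_EXE[40] = "MZ\x90";

int main(void) {
    char dir[] = "/tmp/uploads-XXXXXX", path[512];
    if (mkdtemp(dir) == NULL) return 1;
    printf("%d %s\n", store_upload(dir, "../../../etc/passwd.png", SAMPLE_PNG, sizeof SAMPLE_PNG, path, sizeof path), path);
    printf("%d %s\n", store_upload(dir, "../../../etc/passwd.png", SAMPLE_PNG, sizeof SAMPLE_PNG, path, sizeof path), path);
    printf("%d (PE stub uploaded as photo.png)\n", store_upload(dir, "photo.png", SAMPLE_EXE, sizeof SAMPLE_EXE, path, sizeof path));
    return 0;
}
```

The traversal name ends up as passwd.png inside the upload directory, the second identical upload becomes passwd-1.png instead of clobbering the first, and the renamed executable is refused because its header matches nothing on the allow-list. Virus scanning would sit between the header check and the write.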

Ctrl + C is generally used as a termination request from a user. When Unix recognizes that an interrupt has occurred, it sends the corresponding signal to the process; 'signals' are how the operating system notifies a process that some event (interrupt) has occurred, and there is one uniquely numbered signal for each kind of event. When a user presses Ctrl + C, that key combination causes the system to send the signal SIGINT to the running process. By default that signal causes the process to terminate immediately, although a program may install a handler to catch it or may ignore it. Ctrl + C works on the command line, i.e. in a terminal, because of the terminal driver that supports the terminal: when the driver recognizes the Ctrl + C key combination, it sends SIGINT to all processes in the current foreground process group (the foreground job). Which key generates the signal is a terminal setting (the 'intr' character shown by 'stty -a'), not a property of the program.

There are other terminal-generated signals, for example from Ctrl + Z and Ctrl + \. Ctrl + Z sends the terminal stop signal, SIGTSTP, which suspends the process (it can be resumed later with fg, bg or SIGCONT). Ctrl + \ sends the quit signal, SIGQUIT, not SIGABRT: by default it terminates the process and dumps core. SIGABRT is the signal a program raises on itself by calling abort().
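As an added example, not from the original post, the following C program catches the signal that Ctrl + C generates and shows that the key itself is a terminal setting. It delivers SIGINT to itself with raise(3) instead of waiting for a keypress, so it can run unattended; nothing beyond the standard POSIX calls is assumed:

```c
#define _POSIX_C_SOURCE 200809L
#include <signal.h>
#include <stdio.h>
#include <string.h>
#include <termios.h>
#include <unistd.h>

static volatile sig_atomic_t got_sigint = 0;

/* A handler must do only async-signal-safe work; setting a flag is enough. */
static void on_sigint(int signo) {
    (void)signo;
    got_sigint = 1;
}

/* Replace SIGINT's default action (terminate) with our handler.
 * sigaction(2) is preferred over signal(3), whose semantics vary by platform. */
int install_sigint_handler(void) {
    struct sigaction sa;
    memset(&sa, 0, sizeof sa);
    sa.sa_handler = on_sigint;
    sigemptyset(&sa.sa_mask);
    return sigaction(SIGINT, &sa, NULL);
}

/* Put the default action back, so the next Ctrl + C kills the process again. */
int restore_sigint_default(void) {
    struct sigaction sa;
    memset(&sa, 0, sizeof sa);
    sa.sa_handler = SIG_DFL;
    sigemptyset(&sa.sa_mask);
    return sigaction(SIGINT, &sa, NULL);
}

/* Deliver SIGINT to ourselves, which is what the terminal driver does to the
 * foreground process group on Ctrl + C.  Returns 1 if the handler ran and the
 * process survived, -1 if the handler could not be installed. */
int simulate_ctrl_c(void) {
    got_sigint = 0;
    if (install_sigint_handler() != 0) return -1;
    raise(SIGINT);                  /* with SIG_DFL this line would kill us */
    restore_sigint_default();
    return got_sigint;
}

/* Which key produces SIGINT is a terminal-driver setting, not a property of
 * the program: stty(1) shows it as "intr".  Returns the control character
 * (3 == Ctrl + C) or -1 when fd is not a terminal (a pipe, a cron job, ...). */
int intr_char(int fd) {
    struct termios t;
    if (!isatty(fd) || tcgetattr(fd, &t) != 0) return -1;
    return t.c_cc[VINTR];
}

int main(void) {
    int c = intr_char(STDIN_FILENO);
    printf("SIGINT is signal %d; handler ran: %d\n", SIGINT, simulate_ctrl_c());
    if (c >= 0) printf("intr char on stdin: ^%c\n", c + '@');
    else        printf("stdin is not a terminal; no intr char\n");
    return 0;
}
```

Run it from a terminal and the intr line reports ^C; run it with stdin redirected from a file or pipe and there is no terminal driver in the picture, so no key maps to SIGINT at all, which is exactly why a daemon started from cron never sees a Ctrl + C.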