[Caml-list] How to secure an OCaml server
Date: 2004-02-28 (16:54)
From: Richard Jones <rich@a...>
Subject: Re: [Caml-list] How to secure an OCaml server
On Sun, Feb 29, 2004 at 01:44:10AM +0900, Yutaka OIWA wrote:
> Unlike C and C++, Objective Caml has strong builtin protection for
> array boundary overflow.  You can expect that inputs which usually
> cause arbitrary code execution (like viruses and worms) do not cause
> such a catastrophe, but only make your programs report a runtime exception
> and then halt.

Remember the corollary of having safe arrays is that people can DoS
your server by opening a socket and writing .. and writing .. and
writing.  It's always a good idea to either implement your own
sensible maximums on the length of strings / arrays, or at least run
your module with a BSD resource-style limit (setrlimit(2)).


Richard Jones. http://www.annexia.org/ http://www.j-london.com/
Merjis Ltd. http://www.merjis.com/ - improving website return on investment
http://www.YouUnlimited.co.uk/ - management courses
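
The first suggestion in the message above (a self-imposed maximum on input length), as an added example that is not part of the original message or of any project's code. The names `input_line_bounded`, `Line_too_long` and `serve`, the echo protocol and the 8192-byte default are assumptions chosen for illustration.

```ocaml
(* Added example, not code from the thread. Names and the 8192-byte
   default are assumptions. Needs OCaml >= 4.02, stdlib only. *)

exception Line_too_long
let max_line = 8192

(* Read one '\n'-terminated line from [ic] while buffering at most [limit]
   bytes. input_line keeps growing its buffer for as long as the peer keeps
   writing; this raises Line_too_long once the cap is reached instead. *)
let input_line_bounded ?(limit = max_line) ic =
  let buf = Buffer.create 256 in
  let rec loop () =
    match input_char ic with
    | '\n' -> Buffer.contents buf
    | c ->
      if Buffer.length buf >= limit then raise Line_too_long;
      Buffer.add_char buf c;
      loop ()
    | exception End_of_file ->
      if Buffer.length buf = 0 then raise End_of_file
      else Buffer.contents buf
  in
  loop ()

(* Per-connection loop (hypothetical echo protocol): an oversized line
   ends the session instead of consuming memory. *)
let serve ic oc =
  try
    while true do
      output_string oc (input_line_bounded ic ^ "\n");
      flush oc
    done
  with
  | Line_too_long -> output_string oc "ERR line too long\n"; flush oc
  | End_of_file -> ()

(* Constructed input: one normal line, then 100000 bytes with no newline. *)
let () =
  let path = Filename.temp_file "bounded" ".txt" in
  let oc = open_out_bin path in
  output_string oc ("HELLO\n" ^ String.make 100_000 'A');
  close_out oc;
  let ic = open_in_bin path in
  assert (input_line_bounded ~limit:1024 ic = "HELLO");
  (match input_line_bounded ~limit:1024 ic with
   | _ -> assert false
   | exception Line_too_long -> print_endline "oversized line rejected");
  close_in ic;
  Sys.remove path
```

For the second suggestion, the resource limit can be set by whatever launches the server (for example a shell `ulimit -v` before starting it), since limits set through setrlimit(2) are inherited by the process.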
