Security Risk?
Manfred Nowak
svv1999 at hotmail.com
Mon Feb 12 15:38:46 PST 2007
Bill Baxter wrote
> What makes D special in this regard? Can't you do it with C++
> just as easily? (Not really sure what you mean by 'hiding
> additional data in the instance', but every way I can think of
> would be just as possible in C++.)
Thank you for the hint.
Meanwhile I have checked D and C++ for that risk---and yes also C++ is
vulnerable. D got it slightly better.
The risk stems from the possibility to cast instances up and down the
derivation tree.
Neither C++ nor D seem to have a statement for cutting off some parts
of the derivation tree.
That is: even if you think you are at a leaf node of the derivation
tree with your instance, there might be more levels silently present.
This means, that you might be transporting data and methods of an
attacker through the system.
This means also that an attacker might be able to identify data and
methods you have marked as being private. And this without being forced
to dive into system via pointers and such.
The usual language constructs enable such attacks. This somehow
frightens me.
-manfred
More information about the Digitalmars-d
mailing list