DJB on writing secure code - Journal of Omnifarious
Nov. 9th, 2007, 09:05 am
Nobody has found any security holes in qmail since it was created. It's a widely used piece of software, and DJB himself has offered prizes. I do not know if djbdns sports a similarly stellar record, but I suspect it does. So anything DJB has to say on the subject of writing secure code is well worth reading.
I read it, and it confirmed the feelings I already had on the subject. The best way to write secure software is to write bug-free software. And the second best way to write secure software is to reduce the amount of software that must be trusted. He outlines a number of techniques for doing this, illustrated with examples from qmail. It is an excellent paper, and one of the best treatments of the subject I've ever seen.
Unfortunately, DJB is an incredibly arrogant person. He comes by his arrogance by being spectacularly good at what he does, but it doesn't make it any more pleasant.
One of the more visible manifestations of his arrogance is that qmail is not Free Software. In particular, nobody is allowed to distribute modified versions. The reason he gives for this is that he doesn't think anybody else can write code that's as good; they will eventually ruin it and make it insecure, and then his name will somehow be associated with it. He has this opinion of all the software he writes.
He may be right, to an extent. I think there are other people capable of writing software as secure as his is. But I do not know that they would be the only contributors to the qmail project if it were Free Software.
But recently I've heard hints that DJB may be putting qmail in the public domain. This, and the fact that he wrote this paper, are indications that he either thinks other people are capable of writing good software, or realizes he can't write all the software in the world himself, or perhaps some combination of the two.
I just hope that anybody who modifies qmail maintains the same incredibly high standards of quality that DJB did (though they shouldn't be considered incredible; all software should be written to such standards).