So, I have a pet peeve. Poorly constructed DSLs. And their parsers. Any solutions? It'd be awfully nice to have a plug-and-play solution for people who might otherwise be tempted to write one.
For a Turing-complete DSL, I'd tend to extend Python... you simply get so much already and the C bindings are easy to write. But that's not really desirable in all cases.

LISP (well, Scheme) is certainly easier to parse, and the structure (if not the semantics) makes it super-easy to annotate programs, "reason" about them (e.g. contains no eval statements), and even modify them with (e.g.) aspect-oriented programming.

One thing I noticed from auditing COBOL code is that, being free of pointers and being made for COmmon Business Oriented Laymen, it's very hard to shoot yourself in the foot, even with malicious input. That might be an interesting PLANGSEC case study.

A few killer applications of secure languages come to mind, several taken from my 10+ year old page:

http://www.subspacefield.org/~travis/good_ideas.html

* Handling unsafe input like network daemons, protocol dissectors, NIDS, etc. If you can't break security on purpose, you can't do it on accident.
* Handling modules written by the crowd. For example, if you could write a Wireshark module in a way that CANNOT break security, you don't have to have humans reading the code.

Here's a few ideas not on the list:

* Berkeley Packet Filter. For performance, this is moved into kernel space, and has a very limited VM that executes limited instructions. The difference between the BPF language and the VM it executes on is a good example of the difference between the language which is input to a system and its semantics. In this case you don't want infinite loops to be even possible!
  http://en.wikipedia.org/wiki/Berkeley_Packet_Filter
  FreeBSD has a zero-copy implementation:
  http://www.watson.org/~robert/freebsd/2007asiabsdcon/20070309-devsummit-zerocopybpf.pdf
  Linux has a JIT to compile that down to machine language:
  http://mainisusuallyafunction.blogspot.com/2012/11/attacking-hardened-linux-systems-with.html

Which leads me to my final idea, the one which could revolutionize network security...

* Firewall/OS independence. I should not pick an OS based on which firewall I want (pf vs netfilter). pf has such a superior language, but Linux has a more robust ecosystem. Create a virtual machine in kernel space which is safe so that you can upload compiled instructions from a userland utility, and execute there. If your VM is secure and yet powerful enough, you might even be able to create userland utilities which can translate ANY firewall language to its native instructions.

As a marginally-related plug, and motivation for that last idea:

http://www.subspacefield.org/security/dfd/
http://www.subspacefield.org/security/dfd_keeper/
http://www.subspacefield.org/security/dfd_keeper/code/dfd_keeper/current/sample_transcript.txt

--
http://www.subspacefield.org/~travis/
Split a packed field and I am there; parse a line of text and you will find me.
_______________________________________________
langsec-discuss mailing list
langsec-discuss@mail.langsec.org
https://mail.langsec.org/cgi-bin/mailman/listinfo/langsec-discuss
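The post's point about a packet-filter VM in which infinite loops are not even possible, sketched as an added example (not part of the original post and not real BPF code). The opcode names, instruction layout and sample programs are hypothetical and constructed for illustration; the load-time check mirrors the general idea of forward-only, in-bounds jumps and a mandatory final return.

```c
#include <stddef.h>
#include <stdint.h>

/* Toy filter VM; opcodes are hypothetical, not real BPF encodings. */
enum { OP_LDB, OP_JEQ, OP_JMP, OP_RET };
struct insn { uint8_t op, jt, jf; uint32_t k; };

/* Load-time check. Jump offsets are unsigned and relative to the next
 * instruction, so control only moves forward and every run terminates
 * within n steps; targets must also stay inside the program. */
int vm_validate(const struct insn *p, size_t n)
{
    if (n == 0 || p[n - 1].op != OP_RET)
        return 0;                       /* must not fall off the end */
    for (size_t i = 0; i < n; i++) {
        size_t room = n - 1 - i;        /* instructions after i */
        switch (p[i].op) {
        case OP_LDB: case OP_RET: break;
        case OP_JMP: if (p[i].k >= room) return 0; break;
        case OP_JEQ: if (p[i].jt >= room || p[i].jf >= room) return 0; break;
        default: return 0;              /* unknown opcode */
        }
    }
    return 1;
}

/* Runs only validated programs; a load outside the packet drops it. */
uint32_t vm_run(const struct insn *p, size_t n, const uint8_t *pkt, size_t len)
{
    uint32_t a = 0;                     /* accumulator */
    if (!vm_validate(p, n)) return 0;
    for (size_t pc = 0; pc < n; pc++) {
        switch (p[pc].op) {
        case OP_LDB: if (p[pc].k >= len) return 0; a = pkt[p[pc].k]; break;
        case OP_JEQ: pc += (a == p[pc].k) ? p[pc].jt : p[pc].jf; break;
        case OP_JMP: pc += p[pc].k; break;
        case OP_RET: return p[pc].k;    /* verdict: 1 accept, 0 drop */
        }
    }
    return 0;
}

/* Constructed samples: accept IPv4 packets whose protocol byte (offset 9) is 6. */
const struct insn tcp_only[] = {
    {OP_LDB, 0, 0, 9}, {OP_JEQ, 0, 1, 6}, {OP_RET, 0, 0, 1}, {OP_RET, 0, 0, 0} };
const struct insn bad_jump[] = { {OP_JMP, 0, 0, 0xFFFFFFFFu}, {OP_RET, 0, 0, 0} };
const uint8_t tcp_pkt[10] = {0x45, 0, 0, 40, 0, 0, 0, 0, 64, 6};
const uint8_t udp_pkt[10] = {0x45, 0, 0, 40, 0, 0, 0, 0, 64, 17};

int main(void) { return vm_run(tcp_only, 4, tcp_pkt, 10) == 1 ? 0 : 1; }
```

Because the check runs before execution, a program uploaded from userland is rejected as a whole rather than trusted to behave at run time.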