Welcome to the Security Weekly Podcast Network, your all-in-one source for the latest in cybersecurity! This feed features a diverse lineup of shows, including Application Security Weekly, Business Security Weekly, Paul's Security Weekly, Enterprise Security Weekly, and Security Weekly News. Whether you're a cybersecurity professional, business leader, or tech enthusiast, we cover all angles of the cybersecurity landscape. Tune in for in-depth panel discussions, expert guest interviews, and ...
…
continue reading
Contenuto fornito da Black Hat / CMP and Jeff Moss. Tutti i contenuti dei podcast, inclusi episodi, grafica e descrizioni dei podcast, vengono caricati e forniti direttamente da Black Hat / CMP and Jeff Moss o dal partner della piattaforma podcast. Se ritieni che qualcuno stia utilizzando la tua opera protetta da copyright senza la tua autorizzazione, puoi seguire la procedura descritta qui https://it.player.fm/legal.
Player FM - App Podcast
Vai offline con l'app Player FM !
Vai offline con l'app Player FM !
Ben Laurie: CaPerl: Running Hostile Code Safely
Manage episode 155121485 series 1146744
Contenuto fornito da Black Hat / CMP and Jeff Moss. Tutti i contenuti dei podcast, inclusi episodi, grafica e descrizioni dei podcast, vengono caricati e forniti direttamente da Black Hat / CMP and Jeff Moss o dal partner della piattaforma podcast. Se ritieni che qualcuno stia utilizzando la tua opera protetta da copyright senza la tua autorizzazione, puoi seguire la procedura descritta qui https://it.player.fm/legal.
There are many circumstances under which we would like to run code we don't trust. This talk presents a method for making that possible with various popular scripting languages-the test case is Perl, but the technique will work with other languages. Also presented is an open source implementation for Perl, and various examples of its use - for instance, a web server that will run arbitrary code uploaded to it. Although some experience of Perl is useful, it is not essential. The basis of the technique is to compile a slightly modified dialect of Perl into capability-enforcing standard Perl, which is then run using a vanilla Perl interpreter. Ben Laurie has worked for years on cryptography and security, particularly in the open source world. Perhaps best known for authoring Apache-SSL, the ancestor of almost all secure free webservers, he is also a core team member of OpenSSL and a founding director of the Apache Software Foundation. In his copious spare time, he is Director of Security for The Bunker Secure Hosting. He has published papers on subjects as diverse as knotted DNA and anonymous money. His current obsessions are privacy and security.
…
continue reading
61 episodi
Ben Laurie: CaPerl: Running Hostile Code Safely
Black Hat Briefings, Las Vegas 2005 [Audio] Presentations from the security conference
Manage episode 155121485 series 1146744
Contenuto fornito da Black Hat / CMP and Jeff Moss. Tutti i contenuti dei podcast, inclusi episodi, grafica e descrizioni dei podcast, vengono caricati e forniti direttamente da Black Hat / CMP and Jeff Moss o dal partner della piattaforma podcast. Se ritieni che qualcuno stia utilizzando la tua opera protetta da copyright senza la tua autorizzazione, puoi seguire la procedura descritta qui https://it.player.fm/legal.
There are many circumstances under which we would like to run code we don't trust. This talk presents a method for making that possible with various popular scripting languages-the test case is Perl, but the technique will work with other languages. Also presented is an open source implementation for Perl, and various examples of its use - for instance, a web server that will run arbitrary code uploaded to it. Although some experience of Perl is useful, it is not essential. The basis of the technique is to compile a slightly modified dialect of Perl into capability-enforcing standard Perl, which is then run using a vanilla Perl interpreter. Ben Laurie has worked for years on cryptography and security, particularly in the open source world. Perhaps best known for authoring Apache-SSL, the ancestor of almost all secure free webservers, he is also a core team member of OpenSSL and a founding director of the Apache Software Foundation. In his copious spare time, he is Director of Security for The Bunker Secure Hosting. He has published papers on subjects as diverse as knotted DNA and anonymous money. His current obsessions are privacy and security.
…
continue reading
61 episodi
Усі епізоди
×Benvenuto su Player FM!
Player FM ricerca sul web podcast di alta qualità che tu possa goderti adesso. È la migliore app di podcast e funziona su Android, iPhone e web. Registrati per sincronizzare le iscrizioni su tutti i tuoi dispositivi.