Ben Laurie: CaPerl: Running Hostile Code Safely

Black Hat Briefings, Las Vegas 2005 [Audio] Presentations from the security conference

Contenuto fornito da Black Hat / CMP and Jeff Moss. Tutti i contenuti dei podcast, inclusi episodi, grafica e descrizioni dei podcast, vengono caricati e forniti direttamente da Black Hat / CMP and Jeff Moss o dal partner della piattaforma podcast. Se ritieni che qualcuno stia utilizzando la tua opera protetta da copyright senza la tua autorizzazione, puoi seguire la procedura descritta qui https://it.player.fm/legal.

18+ y ago 46:46

MP3•Pagina principale dell'episodio

There are many circumstances under which we would like to run code we don't trust. This talk presents a method for making that possible with various popular scripting languages-the test case is Perl, but the technique will work with other languages. Also presented is an open source implementation for Perl, and various examples of its use - for instance, a web server that will run arbitrary code uploaded to it. Although some experience of Perl is useful, it is not essential. The basis of the technique is to compile a slightly modified dialect of Perl into capability-enforcing standard Perl, which is then run using a vanilla Perl interpreter. Ben Laurie has worked for years on cryptography and security, particularly in the open source world. Perhaps best known for authoring Apache-SSL, the ancestor of almost all secure free webservers, he is also a core team member of OpenSSL and a founding director of the Apache Software Foundation. In his copious spare time, he is Director of Security for The Bunker Secure Hosting. He has published papers on subjects as diverse as knotted DNA and anonymous money. His current obsessions are privacy and security.

61 episodi

#Tech #Blackhat Breifings And Training #Blackhat Usa 2005 #Black Hat Vegas #Blackhat Vegas #Hacking #Computer Security #Speeches #Presentations #Spoken Word #Video #Audio #Tech News #Jeff Moss #Podcasting #Conventions