Jan 12, 2011, 3:27 AM
I'm an intermediate perl programmer in most ways though I started in 1999 and have a lot of knowledge of linux/shell too now, and lesser stuff.
This is a question for the advanced programmers. I want to know what wrappers are used for other than simple protection (which I don't even understand) and logging, which is the first basic thing I'm learning to do with them.
I have an idea which I believe could help prevent buffer/stack overflow attacks on a wide scale. If you send parsed information to a wrapper first then obviously it will overflow just like if you send it to be processed by perl or whoever. BUT if you put a wrapper which enforces an encryption/decryption/authentication key to be handed over correctly, then only people logged in could use it, and if you used tight markup you could 100% block out any kind of input which deviated from your requirements, so that no devious injection of any sort (to cause a buffer overflow) would be possible ever.
I appreciate there may be other ways people try to combat this stuff, and I have mine, but this seems like an easy thing to make a widespread countermeasure which could help so many developers stop their servers and sites unknowingly becoming hijacked and used for mass spamming and other crimes.
Some basic information I'd appreciate then:
1. What are wrappers commonly used for
2. Does php operate the same way as perl insofar as to be able to be 'wrapped'?
3. Do people use this method I have thought of?
4. Is there some reason it will end up not working at all, or failing to prevent the one thing it's there to prevent?
Thank you in advance if anyone does have any information on this matter.
(This post was edited by BrokenBuffer on Jan 12, 2011, 3:29 AM)