Re: Sanely modifying running code

Isolating self-modifying code is good. Then quietly strangling it is even better.

More seriously, the combination of network application and self-modifying code is a dangerous one. I would add taint detection and use a whitelist scheme to control input.

If there are only a small number of different possible modifications, derive subclasses of Cool with each possible modification. Another possiblity is to implement a plugin architecture so that new(), testit(), and soft_boot() can be different for each plugin, but still have a standardized interface.

-Mark

Comment on Re: Sanely modifying running code

Replies are listed 'Best First'.
Re^2: Sanely modifying running code by Limbic~Region (Chancellor) on Mar 14, 2006 at 13:16 UTC
kvale, Thanks for the input. To address some of your concerns, code is modified by hand by editing the file. The administrator is then able to bring his changes on line by issuing a secured command while connected and the code updates itself. Yes - still dangerous. I am implementing my own variation of an network application that has been around for a going on 2 decades (similar to MUDs). This is for learning purposes only and the actual code may not see the light of day. Cheers - L~R	[reply]

Replies are listed 'Best First'.

Re^2: Sanely modifying running code
by Limbic~Region (Chancellor) on Mar 14, 2006 at 13:16 UTC

kvale

I am implementing my own variation of an network application that has been around for a going on 2 decades (similar to MUDs). This is for learning purposes only and the actual code may not see the light of day.

Cheers - L~R

[reply]