Greetings from the Ministry of Truth. We would like to take this opportunity to educate you on some principles of secure software design.
Object / API / web service / module / plugin / extension / feature: anything with a public interface used by other code.
If your code is prepared for war, you can be at peace.
Treating all inputs as attacks protects all users.
We all remember little Bobby Tables… Don't let Bobby happen to you.
A good object interface doesn't let bad input break it. Raise/throw exceptions.
Limit what can happen via your interface. The less choice a client has in how it interacts with your program, the more success you will have in securing it.
The ideal secure interface looks like this.
There should be one—and preferably only one—obvious way to do it.
Adding features for convenience can constrain you later on. Lean development is better development.
Do you have a requirement for it now? If not, don't code it.
The less your code knows about, the less it can break.
Principle of least authority. Regardless of security, code cannot affect objects it doesn't know about. This means fewer bugs. This is why global variables are bad. Isolated code is easier to debug.
The Ministry of Truth Rules for Good Software Design
Principles of good software design are principles of good object design.
Only give objects access to the things they need to do their jobs.
To write better objects…
• Leave your object in a consistent state regardless of what your clients do.
• Prevent clients from accessing things they aren't supposed to touch.
• Only give your objects access to the resources they need to get the job done.
To write better programs…
• Leave your program in a consistent state regardless of what your clients do.
• Prevent clients from accessing things they aren't supposed to touch.
• Only give your programs access to the resources they need to get the job done.
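The rules above (treat every input as an attack and raise on bad input, keep the object in a consistent state no matter what a client does, give it only the resources it needs, and don't let Bobby Tables happen to you) applied to one small Python object. This is an added example, not code from the talk; the `StudentRoster` class, its table, and the sample names are constructed for illustration.

```python
import sqlite3


class StudentRoster:
    """Narrow interface: clients may add a student and look one up, nothing else."""

    def __init__(self, conn):
        # Least authority: the object is handed only the connection it needs,
        # not a file path, a config object, or a global database handle.
        self._conn = conn
        self._conn.execute(
            "CREATE TABLE IF NOT EXISTS students (name TEXT PRIMARY KEY, grade INTEGER NOT NULL)"
        )

    def add(self, name, grade):
        # Treat every argument as hostile: validate type and range before touching state.
        if not isinstance(name, str) or not 0 < len(name) <= 64 or not name.isprintable():
            raise ValueError("invalid student name")
        if not isinstance(grade, int) or isinstance(grade, bool) or not 0 <= grade <= 100:
            raise ValueError("grade must be an integer between 0 and 100")
        # Parameterized query: the driver binds the values as data, never as SQL text,
        # so a name containing quotes and semicolons cannot alter the statement.
        # The connection context manager commits on success and rolls back on any
        # exception, so a failed insert leaves the roster exactly as it was.
        with self._conn:
            self._conn.execute(
                "INSERT INTO students (name, grade) VALUES (?, ?)", (name, grade)
            )

    def grade_of(self, name):
        row = self._conn.execute(
            "SELECT grade FROM students WHERE name = ?", (name,)
        ).fetchone()
        if row is None:
            raise KeyError(name)
        return row[0]

    def count(self):
        return self._conn.execute("SELECT COUNT(*) FROM students").fetchone()[0]


def demo():
    roster = StudentRoster(sqlite3.connect(":memory:"))
    roster.add("Alice", 91)
    # Constructed Bobby Tables payload: stored as an odd name, the table survives.
    roster.add("Robert'); DROP TABLE students;--", 50)
    rejected = False
    try:
        roster.add("Mallory", 150)  # out of range: rejected before any write
    except ValueError:
        rejected = True
    return roster.count(), roster.grade_of("Alice"), rejected  # (2, 91, True)
```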
Thanks. This lightning talk was originally by Allen Short and was presented at PyCon 2012.