Secure Coding

C and C++ logo
Article

Making memcpy(NULL, NULL, 0) well-defined

Nikita Popov

C2y makes memcpy(NULL, NULL, 0) and other zero-length operations on null pointers well defined. This removes a source of bugs that may result in security issues.

Article Thumbnail
Article

Managing Sensitive Assets Within Image Mode for Red Hat Enterprise Linux

Andrew Block

Aside from naming and versioning, managing sensitive assets, like credentials, is one of the more challenging aspects in technology. So, why is it so difficult? Well, to start off. What may be considered a sensitive asset to one individual or organization may not be the same as another. Also, given that there are so many different ways that sensitive assets can be managed, there is no universally accepted method available.
The challenges that encompass how sensitive assets are handled also apply to image mode, a new method that enables building and deploying Operating Systems using similar tools and approaches as any other traditional container. In this article, we will discuss the types of sensitive assets that apply to image mode for RHEL specifically and how to design appropriate workflows to incorporate secure practices within all phases, from build and deployment to runtime.

Data Grid
Product Page

Red Hat Data Grid

An intelligent, distributed caching solution that boosts application performance

Red Hat Developer - Build Here Go Anywhere
Page

Red Hat Developers

Join Red Hat Developer for the software and tutorials to develop cloud applications using Kubernetes, microservices, serverless and Linux.

Featured image for Valgrind.
Article

How to use Valgrind to track file descriptors

Mark Wielaard

Valgrind can be used to track file descriptors. Learn how to find file descriptors at various stages of your program and where they were originally opened.